How a Cossack Got the GICSP Certificate

Hello everyone! Everyone's favorite site has already published plenty of articles about information security certifications, so I won't claim that what follows is new, but I want to share my experience of obtaining a GIAC (Global Information Assurance Company) certification in the field of industrial cybersecurity. Since the appearance of bad words like Stuxnet, Meya, Shamoon and Triton, a market has begun to form for the services of specialists who appear to be IT people, yet can also reload PLCs and rewrite their configuration in ladder logic, all while the plant cannot be stopped.

This is how the concept of IT&OT (Information Technology & Operation Technology) came into the world.

At the same time (clearly, unqualified personnel should not be allowed to do this work) came the need to certify specialists in securing control and industrial systems, of which, it turns out, there are a great many in our lives, from an automatic water valve in an apartment to aircraft control systems (remember the excellent article investigating the Boeing problems). And even, as it turned out, complex medical equipment.

A few words on how I came to need a certification (you can skip this): after graduating from the Faculty of Information Security in the late XNUMXs, I went in headfirst and worked hard as a fitter of low-voltage security alarm systems. Apparently that was what information security meant to me at the company at the time :) This is how my career as an automation specialist with a bachelor's degree in information security began. Six years later, having risen to head of the SCADA systems department, I left to work as an industrial control system security consultant at a foreign company selling software and equipment. That is where the need to become a certified information security specialist arose.

GIAC is a creation of the SANS organization, which provides training and certification for information security specialists. The reputation of GIAC certificates is very high among specialists and customers in the EMEA, US and Asia Pacific markets. Here, in the post-Soviet space and the CIS countries, such a certificate may be requested by foreign companies doing business in our countries, by international organizations and by consultancies. Personally, I have never come across a request for such certifications from domestic companies. Everyone asks for CISSP. This is my subjective opinion, and if someone shares their experience in the comments, it will be interesting to hear.

SANS has several different tracks (in my opinion, the guys have recently increased their number), but there are also very practical courses. I especially liked NetWars. But this story is about the course ICS410: ICS/SCADA Security Essentials and the certificate called Global Industrial Cyber Security Professional (GICSP).

Of all the Industrial Cyber Security certifications offered by SANS, this one is the most universal. The second relates mostly to Power Grid systems, which receive special attention in the West and form a separate class of systems. And the third (at the time of my certification path) concerned Incident Response.
The course is inexpensive, but it provides extensive knowledge of IT&OT. It will be especially useful for colleagues who decide to change fields, for example from IT security in the banking industry to Industrial Cyber Security. Since I already had a background related to control systems …

The course is 50% theory and 50% practice. Of the practical part, the most interesting contest was NetWars. For two days, after the main classes, all students from all classes were split into teams and worked on tasks to gain access rights, extract required information, gain access to the network, a set of tasks involving hashes, working with Wireshark, and all sorts of other things.

The course material is summarized in the form of books, which are yours to keep forever. By the way, you can take them to the exam, since the format is Open Book, but they won't help you much, since the exam is 3 hours, 115 questions, and the language of delivery is English. During those three hours you can take a 3-minute break. But keep in mind that if you take a 15-minute break and return to the exam after 15, you simply give up the remaining ten minutes, since you can no longer pause the timer in the exam software. You can skip up to 5 questions, which then appear at the very end.

Personally, I don't recommend leaving many questions for later, because 3 hours is not a lot of time, and if you still have unresolved questions at the end, there is a high chance you won't finish them in time. I deferred only three questions that were difficult for me, because they concerned knowledge of the NIST 800.82 and NERC standards. Psychologically, such "for later" questions get on your nerves at the end, when your brain is tired, you want to go to the toilet, and the timer on the screen seems to be running far too fast.

In general, to pass the exam you need 71% correct answers. Before the exam, you will have the opportunity to practice on real tests: the price includes 2 practice tests of 115 questions each, under conditions similar to the real exam.

I recommend taking the exam a month after finishing the course, and spending that month on systematic self-study of the topics you are unsure about. It would be good to take the printed materials you received during the course, which look like short notes on each topic, and deliberately look up more information on the topics covered in those books. Split the month into two parts with the practice tests, and get a rough picture of the areas where you are strong and where you need to improve.

I would like to highlight the following main areas that make up the exam (not the course, since it covers a much wider range of topics):

  1. Physical security: As in other certification exams, this topic receives considerable attention in GICSP. There are questions on types of door locks, and scenarios involving forged electronic passes are described, where you must give an answer that unambiguously identifies the problem. There are questions directly related to process (technological) safety, depending on the context: oil and gas processes, nuclear power plants or power grids. For example, there may be a question like: Determine which kind of physical security is involved when an alarm comes from a steam temperature sensor on the HMI? Or a question like: Which situation (event) would be a reason to review video recordings from the surveillance cameras of the facility's security system?

    In percentage terms, I would note that the number of questions on this section in my exam and practice tests did not exceed 5%.

  2. One of the most common categories of questions concerns process control systems, PLC and SCADA: here you will need to systematically study material on how process control systems are built, from the sensors to the servers where the application software itself runs. There will be plenty of questions on the types of industrial data transfer protocols (ModBus, RTU, Profibus, HART, etc.). There will be questions on how an RTU differs from a PLC, how to protect data in a PLC from modification by an attacker, in which memory areas a PLC stores data, and where the logic itself is stored (the program written by the process control engineer). For example, there may be a question of this type: Give an answer on how to detect an attack between a PLC and an HMI that use the ModBus protocol?

    There will be questions on the difference between SCADA and DCS systems. There are many questions on the rules for separating process control networks at the L1 and L2 levels from the L3 level (I will describe this in more detail in the section on network questions). Questions on this topic will also be varied: they describe a situation in the control room, and you must choose the actions the operator or dispatcher should take.

    In general, this section is the most specific and narrowly focused. It requires you to have a good grounding in:
    - process control systems at the field level (instrumentation, types of device connections, physical characteristics of sensors, PLC, RTU);
    - emergency shutdown systems (ESD - emergency shutdown system) for processes and facilities (by the way, there is an excellent series of articles on this topic on Habré by Vladimir_Sklyar);
    - a basic understanding of the physical processes that take place, for example, in oil refining, power generation, pipelines, etc.;
    - an understanding of the architecture of DCS and SCADA systems.
    I note that questions of this type can make up as much as 25% of all 115 exam questions.

  3. Network technologies and network security: I think the number of questions on this topic ranks first in the exam. There will probably be everything: the OSI model, at which layer this or that protocol operates, many questions on network segmentation, questions on network attacks, examples of connection logs with a request to identify the type of attack, examples of switch configurations with a request to identify the insecure configuration, questions on weaknesses of network protocols, and questions on the specifics of network connections for industrial communication protocols. People especially ask a lot about ModBus: the structure of the network packets of that same ModBus, depending on its type and the versions supported by the device. Great attention is paid to attacks on wireless networks (ZigBee, Wireless HART) and simply to questions on the network security of the whole 802.1x family. There will be questions on the rules for placing certain servers in the process control system network (here you need to read the IEC-62443 standard and understand the principles of the reference models for process control system networks). There will be questions on the Purdue model.
  4. A group of topics closely tied to the operation of power transmission systems and the information security systems for them. In the USA, this group of process control systems is called Power Grid and is given a separate role. For this purpose, separate standards (NIST 800.82) are even issued to govern the approach to building information security systems for this sector. In our countries, for the most part, this sector is limited to ASKUE systems (correct me if someone has seen a more extensive approach to controlling power distribution and delivery systems). So, in the exam you will find questions specific to the Power Grid. Mostly these were use cases for a particular situation that occurred at a Power Plant, but there may also be questions on devices used specifically in the Power Grid. There will be questions on knowledge of the NIST sections for this class of systems.
  5. Questions related to knowledge of standards: NIST 800-82, NERC, IEC62443. I think this needs no special comment: you need to find your way around the sections of the standards, which one is responsible for what, and what recommendations it contains. There are specific questions, for example, asking about the frequency of checking system operability, the frequency of updating procedures, and so on. Questions of this kind can account for up to 15% of all questions. But it depends. For example, on the two practice tests I got only a few such questions. But there really were a lot of them during the exam.
  6. Well, the last group of questions is all kinds of use-case questions and general questions.

Overall, the course, apart from the NetWars CTF, did not teach me much in terms of gaining new knowledge. Rather, I picked up deeper details on certain topics, especially on organizing and protecting the radio links used to transmit process information, as well as better-structured material on the structure of the foreign standards devoted to this subject. Therefore, engineers and specialists who have sufficient knowledge and experience working with control systems/instrumentation or networks can consider saving on the training (and the saving makes sense), preparing on their own and going straight to the certification exam, which, by the way, costs 700USD. If you fail, you will have to pay again. There are many certification centers that will accept you for the exam; the main thing is to apply in advance. In general, I recommend setting the exam date right away, because otherwise you will keep putting it off, replacing preparation with other important and not-so-important matters. And having a concrete deadline lets you motivate yourself.

Source: www.habr.com
