Gore rino takatanga purojekiti hombe yekugadzira nzvimbo yekudzidzira cyber - chikuva che cyber exercises kumakambani ari mumaindasitiri akasiyana. Kuti uite izvi, zvinodikanwa kugadzira zvivakwa zvakangofanana "nezvakasikwa" - kuitira kuti vadzokorore chimiro chemukati chebhangi, kambani yesimba, nezvimwewo, uye kwete chete maererano nechikamu chekambani yetiweki. . Mushure mechinguva tichazotaura nezvebhangi uye zvimwe zvivakwa zveiyo cyber range, uye nhasi tichataura nezve magadzirisiro atakaita dambudziko iri zvine chekuita nechikamu chetekinoroji chebhizinesi reindasitiri.
Ehezve, iyo musoro weiyo cyber maekisesaizi uye cyber kudzidziswa nzvimbo haina kumuka nezuro. Kumadokero, denderedzwa rezvikumbiro zvinokwikwidza, nzira dzakasiyana dzekudzidzira cyber, uye kungoita zvakanakisa maitiro zvave zvichiumbwa. Iyo "yakanaka fomu" yeruzivo rwekuchengetedza sevhisi ndeye nguva nenguva kudzidzira kugadzirira kwayo kudzinga cyber kurwiswa mukuita. KuRussia, ichi chichiri chinyorwa chitsva: hongu, pane zvishoma, uye zvakamuka makore akati wandei apfuura, asi kudiwa, kunyanya muzvikamu zveindasitiri, kwakatanga kuita zvishoma nezvishoma chete ikozvino. Tinotenda kuti pane zvikonzero zvitatu zvikuru zveizvi - iwowo matambudziko akatova pachena.
Nyika iri kuchinja nekukasira
Makore gumi chete apfuura, matsotsi akarwisa kunyanya masangano aya kwavaigona kukurumidza kubvisa mari. Kune indasitiri, kutyisidzira uku kwaive kushoma. Iye zvino tinoona kuti zvivakwa zvemasangano ehurumende, simba uye maindasitiri emaindasitiri ari kuitawo nyaya yekufarira kwavo. Pano isu tinowanzo kutarisana nekuedza kweespionage, kuba data nekuda kwezvinangwa zvakasiyana (kukwikwidza njere, blackmail), pamwe nekuwana mapoinzi ekuvapo mune zvivakwa zvekuwedzera kutengeswa kune vanofarira shamwari. Zvakanaka, kunyange banal encryptors seWannaCry vakabata zvakati wandei zvinhu zvakafanana kutenderera pasirese. Naizvozvo, chokwadi chemazuva ano chinoda nyanzvi dzekuchengetedza ruzivo kuti dzitore njodzi idzi uye dzigadzire maitiro matsva ekuchengetedza ruzivo. Kunyanya, gara uchinatsiridza hunyanzvi hwako uye dzidzira hunyanzvi hunoshanda. Vashandi pamatanho ese ekushanda kwekutumira kudzora kwezvivakwa zveindasitiri vanofanirwa kuve nekunzwisisa kwakajeka kwezvipi zviito zvekutora kana chiitiko checyber kurwisa. Asi kuitisa cyber maekisesaizi pane yako wega zvivakwa - ndine hurombo, njodzi dzinopfuura zvakanyanya mabhenefiti.
Kushaikwa kwekunzwisisa kwechokwadi kugona kwevanorwisa kuhack process control system uye IIoT masisitimu
Dambudziko iri riripo pamatanho ese emasangano: kwete kunyangwe nyanzvi dzese dzinonzwisisa zvinogona kuitika kune yavo sisitimu, ndeapi kurwisa mavector anowanikwa achipikisa. Tingati kudii nezvehutungamiriri?
Nyanzvi dzezvekuchengetedza dzinowanzo kukwezva kune "mhepo gap", iyo inofungidzirwa isingatenderi anorwisa kuti aenderere mberi kupfuura network yemakambani, asi maitiro anoratidza kuti mu90% yemasangano pane kubatana pakati pemakambani uye tekinoroji zvikamu. Panguva imwecheteyo, izvo zvinhu chaizvo zvekuvaka uye kubata tekinoroji network zvakare zvinowanzo kuve nekusagadzikana, izvo isu, kunyanya, takaona tichiongorora michina. ΠΈ .
Zvakaoma kuvaka muenzaniso wekutyisidzira wakakwana
Mumakore achangopfuura, kwave kune nguva dzose yekuwedzera kuoma kwemashoko uye maitiro ekugadzirisa, pamwe chete nekushandura kune cyber-physical systems iyo inosanganisira kubatanidzwa kwekombiyuta zviwanikwa uye zvigadzirwa zvemuviri. Masisitimu ari kuita akaomarara zvekuti hazvigone kufanotaura zvese zvinokonzeresa kurwiswa kwecyber uchishandisa nzira dzekuongorora. Isu hatisi kutaura chete nezvekukuvadza kwehupfumi kusangano, asiwo nezvekuongorora mhedzisiro inonzwisisika kune tekinoroji uye yeindasitiri - kusapihwa kwemagetsi, semuenzaniso, kana imwe mhando yechigadzirwa, kana tichitaura nezvemafuta negesi. kana petrochemicals. Uye sei kuisa pakutanga mumamiriro ezvinhu akadaro?
Chaizvoizvo, izvi zvese, mumaonero edu, zvakava izvo zvinodikanwa zvekubuda kweiyo pfungwa yecyber exercises uye cyber kudzidziswa nzvimbo muRussia.
Mashandiro anoita chikamu chetekinoroji checyber range
Nzvimbo yekuongorora cyber inzvimbo yakaoma yezvivakwa zvinoteedzera zvakajairwa zvivakwa zvemabhizinesi mumaindasitiri akasiyana. Iyo inokutendera iwe "kudzidzira pamakatsi" - kudzidzira hunyanzvi hwehunyanzvi pasina njodzi yekuti chimwe chinhu hachizoendi sekuronga, uye cyber exercises inokuvadza zviitiko zvebhizinesi chairo. Makambani makuru e-cybersecurity ari kutanga kuvandudza nzvimbo iyi, uye iwe unogona kuona zvakafanana maekisesaizi e-cyber mufomati yemutambo, semuenzaniso, paPositive Hack Days.
Iyo yakajairika network yezvivakwa dhizaini yebhizinesi hombe kana mubatanidzwa seti yakaringana seti yemaseva, makomputa ebasa uye akasiyana network zvishandiso zvine yakajairwa seti yemakambani software uye ruzivo rwekuchengetedza ruzivo. Indasitiri yekuongorora cyber ivhu rakafanana, pamwe neakakomba akanyanya kuomesa iyo chaiyo modhi.
Maswero atakaita iyo cyber range padyo nezvokwadi
Sezvineiwo, kutaridzika kwechikamu cheindasitiri cheiyo cyber test saiti zvinoenderana nenzira yakasarudzwa yekuenzanisira yakaoma cyber-muviri system. Pane nzira nhatu huru dzekuita modhi:
Imwe neimwe yenzira idzi ine zvayakanakira nezvayakaipira. Muzviitiko zvakasiyana, zvichienderana nechinangwa chekupedzisira uye zvipingamupinyi zviripo, zvose zvitatu zviri pamusoro apa nzira dzekuenzanisa dzinogona kushandiswa. Kuti tigadzirise kusarudzwa kwemaitiro aya, isu takanyora inotevera algorithm:
Zvakanakira nekuipira nzira dzakasiyana dzekuenzanisira dzinogona kumiririrwa muchimiro chedhiyagiramu, uko y-axis iri kufukidzwa kwenzvimbo dzekudzidza (kureva, kuchinjika kwechishandiso chakarongwa chekuenzanisira), uye x-axis ndiko kurongeka. yekuenzanisa (chiyero chekunyorera kune chaiyo system). Zvinoita kunge Gartner square:
Nokudaro, kuenzanisa kwakakwana pakati pekururama uye kushanduka kwekuenzanisa ndiyo inonzi semi-natural modeling (hardware-in-the-loop, HIL). Mukati meiyi nzira, iyo cyber-physical system inoteedzerwa ichishandisa chaiyo midziyo, uye pamwe nekushandisa masvomhu modhi. Semuenzaniso, substation yemagetsi inogona kumiririrwa neiyo chaiyo microprocessor zvishandiso (relay kuchengetedza zviteshi), maseva eautomated control system uye zvimwe zvechipiri midziyo, uye maitiro emuviri pachawo anoitika mumambure emagetsi anoitwa uchishandisa komputa muenzaniso. Zvakanaka, takasarudza nzira yekuenzanisira. Mushure meizvi, zvaive zvakafanira kuvandudza mavakirwo eiyo cyber range. Kuti maekisesaizi ecyber anyatso batsira, zvese zvinongedzo zveiyo chaiyo yakaoma cyber-muviri system inofanirwa kugadzirwa zvakare nemazvo sezvinobvira panzvimbo yekuyedza. Naizvozvo, munyika yedu, sehupenyu chaihwo, iyo tekinoroji chikamu cheiyo cyber renji ine akati wandei ekudyidzana mazinga. Rega ndikuyeuchidze kuti yakajairwa maindasitiri network network inosanganisira yakaderera nhanho, iyo inosanganisira iyo inonzi "primary midziyo" - iyi ndeye fiber optical, network yemagetsi, kana chimwe chinhu, zvichienderana neindasitiri. Iyo inotsinhanisa data uye inodzorwa neakasarudzika maindasitiri controller, uye iwo, zvakare, neSCADA masisitimu.
Takatanga kugadzira chikamu cheindasitiri cheiyo cyber saiti kubva kuchikamu chesimba, zvino yava yedu yekutanga (mafuta negesi uye maindasitiri emakemikari ari muzvirongwa zvedu).
Zviripachena kuti nhanho yemidziyo yekutanga haigone kuitika kuburikidza nekuzara-chiyero modhi uchishandisa zvinhu chaizvo. Naizvozvo, padanho rekutanga, takagadzira masvomhu muenzaniso wenzvimbo yemagetsi uye chikamu chiri padyo chesimba remagetsi. Iyi modhi inosanganisira ese emagetsi emagetsi ezviteshi - tambo dzemagetsi, ma transformer, nezvimwe, uye inoitwa mune yakakosha RSCAD software package. Iyo modhi yakasikwa nenzira iyi inogona kugadziridzwa neicho chaiyo-nguva computing yakaoma - chinhu chayo chikuru ndechekuti iyo nguva yekuita muhurongwa chaihwo uye iyo nguva yemaitiro mumuenzaniso yakanyatsofanana - ndiko kuti, kana pfupi dunhu mune chaiyo. network inotora masekondi maviri, ichave inoteedzerwa kweiyo nguva yakafanana yenguva muRSCAD). Isu tinowana chikamu che "kurarama" chemagetsi emagetsi emagetsi, anoshanda zvinoenderana nemirairo yese yefizikisi uye kunyangwe achipindura kune ekunze pesvedzero (somuenzaniso, activation yekudzivirira relay uye automation terminals, kugumburwa kweswichi, nezvimwewo). Kudyidzana nemidziyo yekunze kwakawanikwa pachishandiswa yakasarudzika yakasarudzika yekutaurirana, ichibvumira iyo masvomhu modhi kuti idyidzane nenhanho yevatongi uye nhanho yeatomatiki masisitimu.
Asi mazinga evatongi uye otomatiki ekudzora masisitimu enzvimbo yemagetsi anogona kugadzirwa uchishandisa chaiwo maindasitiri michina (kunyangwe, kana zvichidikanwa, isu tinogona zvakare kushandisa chaiwo mamodheru). Pamatanho maviri aya pane, zvichiteerana, zvidzori uye otomatiki midziyo (relay kuchengetedza, PMU, USPD, metres) uye otomatiki kudzora masisitimu (SCADA, OIK, AIISKUE). Yakazara-chiyero modhi inogona kuwedzera zvakanyanya huchokwadi hweiyo modhi uye, nekudaro, iyo cyber inodzidzira ivo pachavo, sezvo zvikwata zvichabatana nemidziyo chaiyo yemaindasitiri, ine hunhu hwayo, tsikidzi uye kusagadzikana.
Padanho rechitatu, takaita kupindirana kwezvikamu zvemasvomhu uye zvemuviri zvemuenzaniso tichishandisa hunyanzvi hwehardware uye software interfaces uye masaini amplifiers.
Nekuda kweizvozvo, zvivakwa zvinotaridzika seizvi:
Yese midziyo yekuyedza saiti inopindirana neimwe nzira senge mune chaiyo cyber-muviri system. Kunyanya, pakuvaka modhi iyi takashandisa zvinotevera zvishandiso uye maturusi emakomputa:
- Computing yakaoma RTDS yekuita masvomhu mu "chaiyo nguva";
- Automated workstation (AWS) yemushandisi ane yakaiswa software yekuenzanisira tekinoroji maitiro uye yekutanga michina yezviteshi zvemagetsi;
- Makabati ane midziyo yekutaurirana, relay kuchengetedza uye otomatiki zviteshi, uye otomatiki maitiro ekudzora michina;
- Amplifier makabati akagadzirirwa kukwidziridza masaini eanalog kubva kudhijitari-kune-analog inoshandura bhodhi yeRTDS simulator. Imwe neimwe kabati yeamplifier ine seti yakasiyana yeamplification blocks inoshandiswa kugadzira azvino uye magetsi ekuisa masaini eiyo relay kuchengetedza terminals pasi pekudzidza. Masaini ekupinza anokwidziridzwa kusvika padanho rinodiwa pakushanda kwakajairwa kweiyo relay kuchengetedza zviteshi.
Iyi haisiriyo yega mhinduro inogoneka, asi, semaonero edu, ndiyo yakanakira kuitisa cyber maekisesaizi, sezvo ichiratidzira chaiwo mavakirwo ezvizhinji zvezviteshi zvemazuva ano, uye panguva imwe chete zvinogona kugadzirwa kuitira kuti zvigadzirike zvakare senge. nemazvo sezvinobvira zvimwe zvinhu zvechimwe chinhu.
Mukupedzisa
Iyo cyber range ipurojekiti hombe, uye pachine basa rakawanda pamberi. Kune rimwe divi, isu tinodzidza ruzivo rwevatinoshanda navo vekuMadokero, kune rumwe rutivi, isu tinofanirwa kuita zvakawanda zvichienderana neruzivo rwedu rwekushanda zvakananga nemabhizinesi eRussia maindasitiri, sezvo kwete chete maindasitiri akasiyana, asiwo nyika dzakasiyana dzine zvakanangana. Iyi inyaya yakaoma uye inonakidza.
Zvakadaro, isu tine chokwadi chekuti isu muRussia tasvika izvo zvinowanzonzi "nhanho yekukura" apo indasitiri inonzwisisawo kudiwa kwecyber exercises. Izvi zvinoreva kuti munguva pfupi indasitiri ichange iine maitiro ayo ega ega, uye isu tinovimba tichasimbisa mwero wedu wekuchengetedza.
Authors
Oleg Arkhangelsky, anotungamira muongorori uye methodologist weiyo Industrial Cyber ββββTest Site project.
Dmitry Syutov, injiniya mukuru weiyo Industrial Cyber ββββTest Site project;
Andrey Kuznetsov, mukuru we "Industrial Cyber ββββTest Site" chirongwa, mutevedzeri wemukuru weCyber ββββSecurity Laboratory yeAutomated Process Control Systems for Production.
Source: www.habr.com