Fortinet-制造业整体安全解决方案V.pptx
1;目录;概述;概述
第四次工业革命/工业制造2025简介
先进制造业的数字化转型趋势
数字化转型下的制造业的安全挑战;第四次工业革命?网络化、数字化、智能化;[DigitalTransformation];数字化转型-安全建设面临的新挑战;;September23th,2010
Stuxnetwormtargetedhigh-valueIranianassets’
StuxnetwasfirstdetectedinJunebyasecurityfirmbasedinBelarus,butmayhavebeencirculatingsince2009.Unlikemostviruses,thewormtargetssystemsthataretraditionallynotconnectedtotheinternetforsecurityreasons.InsteaditinfectsWindowsmachinesviaUSBkeys-commonlyusedtomovefilesaround-infectedwithmalware./news/technologyAugust27th,2014
MajorcyberattackhitsNorwegianoilindustry
Morethan50Norwegianoilandenergycompanieshavebeenhackedbyunknownattackers,accordingtogovernmentsecurityauthorities.State-ownedStatoil,Norwayslargestpetrocompany,appearstobethemaintargetofwhatsdescribedasthecountrysbiggesteverhackattack.http://www.theregister.co.uk/2014/08/27/nowegian_oil_hack_campaign/
January1st,2015
ACyberattackHasCausedConfirmedPhysicalDamage
HackershadstruckanunnamedsteelmillinGermany.Theydidsobymanipulatinganddisruptingcontrolsystemstosuchadegreethatablastfurnacecouldnotbeproperlyshutdown,resultingin“massive”—thoughunspecified—damage./2015/01/german-steel-mill-hack-destruction/
December23rd,2015
IranianHackersClaimCyberAttackonNewYorkDam
AnIranianhacktivistgrouphasclaimedresponsibilityforacyberattackthatgaveitaccesstothecontrolsystemforadaminthesuburbsofNewYork—anintrusionthatoneofficialsaidmaybejustthetipoftheiceberg”.
/news/us-news/iranian-hackers-claim-cyber-attack-new-york-dam-n484611;[SecurityTransformation];独立式安全防御的失效;零信任网络设计–GoogleBeyondCorp;;Gartner对全球网络安全行业发展趋势分析-2018年;Gartner对企业安全支出的数据-2018年;;步骤一:攻击和渗透IT系统:IT系统复杂而脆弱,设计不合理,代码漏洞,配置错误,未进行合理的身份认证等问题
步骤二:内网横向移动感染更多主机:内网安全域未有效划分和隔离,无法阻挡内网横向移动
步骤三:外联黑客并准备破???:缺乏对从内而外的非法访问行为的检测。;减少碎片安全防御,重塑主动的安全体系及能力建设
安全体系的核心;;制造业典型网