Learning Automation Cybersecurity from the TV Show “Mr. Robot”

Here’s What Television Can Teach You About IT/OT Convergence

As our world becomes more and more interconnected, automation professionals are realizing that cybersecurity is critical to the survival of our companies. The International Society of Automation (ISA) launched the ISA Global Cybersecurity Alliance last year to help fight to keep bad actors out of our systems, but many companies still struggle with a simple issue: which department should handle cybersecurity?

Should it be your IT team, who can monitor potential cyber threats coming in through your general internet access points?

Or should it be your OT team, who already routinely checks for threats to your physical devices?

We, along with the most recent data on industrial cyber threats, say this is the wrong attitude. Cybersecurity shouldn’t be left to one team or another. It should be a partnership.

If your IT team and your OT team don’t talk to each other on a regular basis, then you’re not only leaving yourself open to threats, you’re basically inviting them in.

Before we begin, if you need a refresher on the difference between IT and OT, Coolfire has a great breakdown over on their page.

The Danger of Working in Silos

Here’s the most obvious reason that you simply can’t have IT teams and OT teams working separately: the world is getting smaller, and your company has more access points than ever before. Industry 4.0 is here, and even with the remarkable opportunities it brings, our new interconnected devices also carry inherent threats.

Want another reason to bring IT and OT together? Hackers and other bad actors aren’t selective about the systems they attack to accomplish their goals, whatever those goals may be.

You can find plenty of examples of IT and OT systems being compromised by the same attack. Believe it or not, one relevant case study comes from the popular TV show “Mr. Robot.” (By the way, if you work in cybersecurity in any capacity, this show is worth checking out! Most of the cyberattacks it portrays that have also been tested in the real world are extremely realistic.)

In the first season, the main character, a hacker played by Rami Malek, attacks a SCADA system in a prison to open the cell doors. As the storyline goes, he believed the jail had a programmable logic controller (PLC) system operating the doors, so by gaining access to that piece, he had access to everything.

How did he get in there in the first place? This character had an accomplice drop flash drives infected with malware around the grounds of the jail. When a curious police officer plugged the drive into his laptop, the hacker gained full access to the prison’s network, including their SCADA system. It’s the perfect example of an IT exploit leading to an OT exploit.

Think that we’re just having a little fun with a TV show plot?

Think again. According to a study by three prominent cybersecurity consultants, an event like this could easily happen in the real world.

Step by step, the entire fictional IT/OT attack on the prison was tested by actual cybersecurity experts from start to finish. They found it to be entirely, absolutely, 100% possible.

We’d also like to remind you of the Stuxnet attack in Iran back in 2010. More than 15 nuclear facilities were infected thanks to one inattentive worker’s USB drive. Not only is this scenario possible, it’s already happened.

Is This Really a Big Deal?

You might wonder, who would even bother hacking an OT system? How many people even know what SCADA is, let alone how to hack it?

You might be surprised. While SCADA/ICS hacks aren’t as popular as some IT exploits, it’s easy to find everything you’d need to know. In fact, in researching this article, I came across step-by-step tutorials on how to find vulnerable systems, use Splunk to monitor them for security responses, and build and test a SCADA honeypot. I found default passwords for nearly all popular brand name systems and much more.

How did I find this? Google.

It didn’t take any unique skills at hacking on my part. I simply Googled “hacking SCADA” and came up with more than two million hits. Out of those results, it took less than five minutes to find a complete tutorial on how to hack nearly every part of many well-regarded Industrial Automation Control Systems (IACS).

Obscurity will not save your IACS from being attacked. In fact, it could make it more vulnerable. Your employees won’t necessarily think of these systems as targets, which can lead to lax security. As with the real-life Stuxnet and fictional Mr. Robot examples, once a hacker gains access to any part of your network, everything is compromised.

Of course, cyberattacks against IT infrastructure are also on the rise. From ransomware to employee theft of files, the risk of IT cyber threats is more widely understood. All we need to do is simply turn on the news.

The bottom line is, staying a few steps ahead of cybercriminals is crucial. Hackers can spread malware from your OT to your IT systems and vice versa. You need both skill sets to keep them out.

Breaking Down the Wall Between IT and OT

Both teams have skills that complement each other, and both teams are going to be vigilant in looking out for different symptoms of possible attacks. Think of IT and OT skill sets as different parts of a single machine. To keep the machine functioning smoothly, all parts need to work together. Any perceived competition or “bad blood” between IT and OT needs to be eliminated as soon as possible to ensure that our workplaces, homes, and lives stay safe from cybercriminals.

You’ll often see “IT/OT convergence” cited as a critical aspect of industrial cybersecurity. The word “convergence” simply isn’t strong enough to convey the high level of interoperability we need to keep our systems safe online. We need complete integration, communication, and cooperation between IT and OT teams, and we need it yesterday.

Many organizations are now struggling to attain those goals. It’s an important fight. The hackers are gaining ground, though, and we all need to step it up.

To learn more about the ISA Global Cybersecurity Alliance and how we are working to keep networks safe, please visit our website and our blog.

Originally published at https://blog.isa.org.

Translated from: https://medium.com/swlh/learning-automation-cybersecurity-from-the-tv-show-mr-robot-b423d536b5c7

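Copyright notice: This article is the blogger's original work and is released under the CC 4.0 BY-SA license. When reposting, please include a link to the original source and this notice.
Article link: https://blog.csdn.net/weixin_26722031/article/details/108136341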
