As any IT manager understands, particularly those managing SCADA and industrial control networks, keeping SCADA systems safe from security threats isn’t just about peace of mind. These systems control critical components of industrial automation networks. If there’s a problem with them, essential services such as water and power could shut down for thousands or millions of people.
However, despite knowing this, there’s a frightening truth many of us are ignoring: attacks on SCADA systems are on the rise, and it is possible that many infiltrated systems have gone undetected. Cyber criminals often “infect” systems and silently monitor traffic, observe activity, and wait for months or even years before taking any action. This allows them to strike when they can cause the most damage.
While we’d rather not have to face the fact that our critical infrastructures could very well be compromised, there is good news. Understanding common SCADA system threats and vulnerabilities allows us to develop a clear, actionable framework for overcoming these security issues.
Not Just Hypothetical
The dangers posed by insecure SCADA systems aren’t just hypothetical. Numerous events have shown how SCADA system vulnerabilities can affect real-world infrastructures.
For example, a private network at a nuclear power plant in Ohio was infected by a server worm, taking the safety monitoring system offline for nearly 5 hours.
In another instance, part of the Austrian and German power grid nearly broke down when a stray piece of code accidentally began self-replicating throughout the network. Though the problem was resolved before power outages occurred, the incident served as a proof of concept for deliberate attacks of this nature.
Symantec and cyber intelligence firm IntelCrawler have also published studies demonstrating how hackers can get full control of industrial infrastructure in the energy, oil and gas, chemical, and transportation sectors, and have shown how very small aperture terminals (VSATs), present in most SCADA systems, are “open” for targeted cyber-attacks.
Common SCADA System Threats and Vulnerabilities
Many, if not most, SCADA systems are currently vulnerable to cyber-attacks due to the following:
- Lack of monitoring. Without active network monitoring, it is impossible to detect suspicious activity, identify potential threats, and quickly react to cyber-attacks.
- Slow updates. As SCADA systems become more advanced, they also become more vulnerable to new attacks. Keeping firmware and software up to date may be inconvenient (without the proper systems in place), but it is necessary for maximum protection.
- Lack of knowledge about devices. Connecting devices to a SCADA system allows for remote monitoring and updates, but not all devices have equal reporting capabilities. Since most SCADA systems have been developed gradually over time, it’s not uncommon to see technology that’s 5 years old paired with technology that’s 20 years old. This means the knowledge about network-connected devices is often incomplete.
- Not understanding traffic. Managers need to know what type of traffic is going through their networks. Only then can they make informed decisions about how to respond to potential threats. With advanced data analysis, managers can get a big-picture view of data gathered from traffic monitoring, and translate that into actionable intelligence. For example, an infiltrated system might check with a foreign server once every 30, 45, or 180 days.
- Authentication holes. Authentication solutions are designed to keep the wrong people from accessing the SCADA system. However, they can easily be defeated by common unsafe practices such as poor passwords, username sharing, and weak authentication.
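The infrequent, regular check-in described under "Not understanding traffic" is something long-retention flow logs can be searched for. The sketch below is an added example, not code from the original article or from Patriot Technologies; the host names, addresses, thresholds and the `(timestamp, source, destination)` record layout are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import mean, pstdev


def _build_sample_flows():
    """Constructed outbound flow records: (timestamp, source host, destination)."""
    start = datetime(2023, 1, 1, 2, 0)
    flows = []
    # Constructed: an HMI contacting one external address about every 45 days.
    for i, jitter_h in enumerate([0, 3, -2, 1, 4, -1]):
        ts = start + timedelta(days=45 * i, hours=jitter_h)
        flows.append((ts, "hmi-01", "203.0.113.50"))
    # Constructed: an engineering workstation with irregular vendor-portal visits.
    for d in [2, 9, 40, 41, 97, 180, 200]:
        flows.append((start + timedelta(days=d), "eng-ws-02", "198.51.100.7"))
    # Constructed: a historian synchronising daily (regular, but short period).
    for d in range(30):
        flows.append((start + timedelta(days=d), "historian", "192.0.2.10"))
    return flows


SAMPLE_FLOWS = _build_sample_flows()


def find_slow_beacons(flows, min_contacts=4, min_period_days=7.0, max_cv=0.1):
    """Return sorted (src, dst, mean_period_days, cv) for long, regular contact gaps."""
    by_pair = defaultdict(list)
    for ts, src, dst in flows:
        by_pair[(src, dst)].append(ts)
    hits = []
    for (src, dst), stamps in by_pair.items():
        if len(stamps) < min_contacts:
            continue  # too few contacts to judge regularity
        stamps.sort()
        gaps = [(b - a).total_seconds() / 86400 for a, b in zip(stamps, stamps[1:])]
        period = mean(gaps)
        # Coefficient of variation: low value means near-constant spacing.
        cv = pstdev(gaps) / period if period else float("inf")
        if period >= min_period_days and cv <= max_cv:
            hits.append((src, dst, round(period, 1), round(cv, 3)))
    return sorted(hits)


if __name__ == "__main__":
    for src, dst, period, cv in find_slow_beacons(SAMPLE_FLOWS):
        print(f"{src} -> {dst}: every ~{period} days (cv={cv})")
```

A 180-day interval only becomes visible with a year or more of retained flow data, so log retention bounds what this kind of check can find.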
Get Your SCADA System Analyzed for Threats and Vulnerabilities
With numerous vulnerabilities that could affect critical services, securing SCADA systems must be a top priority. However, it’s impossible to know how to protect a specific system without professional analysis. Contact Patriot Technologies’ experienced team of SCADA experts today, and we’ll discuss how we can find and resolve vulnerabilities in your system.