Are SCADA Systems Secured?

11 04 2012

Prior to a few years ago, I had no knowledge of a SCADA (Supervisory Control and Data Acquisition) System.  How are power houses, water treatment, gas pipelines, waste water treatment plants, pump stations, and other mechanical systems maintained in a plant, area, or within a country?  I didn’t have a need to know nor did I care.  SCADA Systems are the brains or backbone of mechanical infrastructure in a plant.  Maintenance Engineers use the system as a supervisory tool for pumps, HVAC system, nuclear plants, water flow systems, fans, turbines, generators, etc.  As an IT Manager, I soon learned the importance of the systems and how to support and protect the maintenance systems by protecting the SCADA System of a plant.

Scada Systems are not limited to plants of companies; they are used to maintain mechanical systems for cities, states, or even countries. On a larger scale, the risk of attack on the SCADA systems becomes tenfold more dangerous and the effect could result in some form of a catastrophe.

How Attacks occur and examples

The SCADA System is an industrial control system. The components of a networked SCADA system consist of main computer system to store and process data with web-base interfacing. HMI (human machine interface) and computer provide the operator/ engineer’s ability to input, monitor, and manipulate the system.  Data is gathered from the mechanical devices thru a Remote terminal such as PLC (programmable logic controller) and sent to the server.  The use of SCADA systems has grown over the years.  North America, Africa, Europe and the Middle East are the biggest consumers of SCADA systems.  Analyst believes the use of SCADA systems will continue to grow 10 percent for next five years, which increases the risk of SCADA attacks globally.  (1)  SCADA systems can be seen as a tool to turn on and off pumps in a water treatment facility to controlling spaceships for the government.  It’s a powerful tool and used by many businesses from small companies to the government, who depend on IT to support and maintain the SCADA systems.  The three cornerstones of IT security CIA (confidentially, integrity and availability), Integrity and availability are critical to the SCADA system.  Due to the type of systems that are managed with the SCADA system, engineers and maintenance employees rely on the information obtain to be accurate and available.  Any tampering of data could result in making the wrong decision in turning on or off devices within the system.  Also during a crisis or non-crisis moment, the available of information must be there.  It’s extremely hard to make a decision based on no data.

It is believed that the infrastructure of SCADA system is vulnerable to attacks.  The attack can occur from internal as well as external point.  Downsizing within corporations, has brought on high number of disgruntled employees or ex-employees.  An internal attack could result from changes made to the system thru personal computers or PLC interfacing; a disgruntled employee can change settings, turn off motors or pumps, or implant a virus or worm.  External attacks can occur thru hacking of weak passwords, phishing attack against a hardware, entry thru enabled supply back entry access, or thru a control system modems installed to allow remote users access.  For example, the US government reported in December 2011 a railroad system had experienced a cyber attack. (2)  Railroad cars were delayed on several lines, which increased the risk of cross lines and a potential railway collision.  The incident was a result of external hacking into the Railroad SCADA system.

Methods to Prevent

To reduce attacks on SCADA systems, Information Technology departments will need to increase security protection of the system.  Information Technology departments will need to enforce rules to have users create strong password that require changing every 30 days.  Restrict remote access to SCADA system thru secure IP VPN and remove access modems.   Web servers to the SCADA systems should be placed behind firewalls to provide protection from hackers thru the internet.  In addition, employ the use of DMZ buffer or routers and firewalls to create a separation between the SCADA system and the rest of the corporate network. (3)   Using a combination of the available security measures will reduce the potential of an attack.

Conclusion

With the improvement of technology, the ability to manage railroad systems, gas pipelines, water cooling system, waste water treatment facilities, and other systems have migrated to using SCADA Systems.  There are several manufactures that produce SCADA systems such as Square D,  Modicon, Siemens, Iconics, and CSWorks.  As the use of SCADA system increases, the market of SCADA manufacturers increases as well.  Not all SCADA systems are created with the same level of security, so the buyer must be aware of the risks that exist.  SCADA systems have been and will continue to be targets of attackers.  However, the Information Technology department can work with the maintenance groups to deploy a system that provides a higher level of protection from internal and external attacks.  SCADA systems control many vital systems globally; it is up to the IT departments to migrate the risk of possible attacks as much as possible.  Even the smallest of attack can cause havoc on many.  No one wants to be the organization that’s been hacked.

___________

(1) The Increased Threat of Attacks on SCADA Systems, author Kevin Coleman by defensetech.org, released November September 26, 2011

(2) Reports of a possible cyber-attack against a rail company highlight the issues of protecting industrial control systems that keep the country’s critical infrastructure running, author Fahmida Rashid, by eweek.com/c/a/Security/SCADA-Systems-in-Railways-Vulnerable-to-Attack-124045, released January 26, 2011

Securing integrated Scada systems against cyber attacks, author Paul Hurst by http://www.citect.com, released April 9, 2009

SCADA Systems,  by www.scadasystems.net

Advertisements

Actions

Information

One response

23 03 2013
The Increasing Threat to Industrial Control Systems/Supervisory Control and Data Acquisition Systems | cmu95752

[…] Control Systems (ICS) and Supervisory Control and Data Acquisition Systems (SCADA) here and again here in November 2012.  Recently, ICS-CERT has released several bulletins that have spelled out trends […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: