Supervisory Control and Data Acquisition (SCADA) systems are used for remote monitoring and control in the delivery of essential services products such as electricity, natural gas, water, waste treatment and transportation. SCADA software runs on regular computers, but is used by owners of critical infrastructure and other various types of industrial facilities to monitor and control industrial processes.
This blog post will introduce SCADA systems fundamentals that will help analyze security considerations.
Remote monitoring is widely considered one of the most difficult applications to do in a cost-effective way. Remote monitoring using SCADA systems has traditionally been a very difficult and expensive task. SCADA systems have traditionally used their own communications networks, and the security has been largly based on keeping the SCADA network separate from public networks and fact that not many people know the special protocols used on those systems (=security by obscurity).
Internet technologies have made the remote monitoring easier and more cost effective in many applications, but on the other hand has created new set of risks related to hacking. If you connect a remote monitoring system that uses insecure communications protocol to Internet, sooner or later somebody can figure out how to hack into your system. If your system is just doing monitoring, somebody hacking can stop our communications or worse can feed you with false data. If your remote monitoring system is also used to control something, then risks are far greater.
There isn’t a single security solution capable of addressing all existing and future risks. It’s necessary to implement a series of different defenses across the system. Deploy safeguards throughout the platform to provide a robust protection against the vast majority of attacks.
Modern SCADA systems are typically designed for security using platforms similar to typical networked clients, such as laptops and workstations. There are also some specific considerations. Security systems easily become complicated. Unfortunately as the complexity of securing devices increases, so does the risk of vulnerabilities slipping past equipment manufacturers and IT organizations. Industrial control systems (ICS), distributed control systems (DCS), supervisory control and data acquisition systems (SCADA) have all been around for decades, but thanks to Stuxnet, DuQu and other major incidents, these systems have recently began receiving serious security consideration.
Cyber security is war. You have to defend your systems from all sorts of outside attackers, and if one that’s skilled and determined gets you in his sights, defending yourself may be tougher than you think. Once an attacker breaks through a hardened perimeter, moving around inside is usually pretty easy. That’s why defense in depth with incident detection, response, and attribution is so important.
Security is all about layers. You can’t ever block everything on one place so you need layers of security to protect yourself. The enterprise can put lots of devices and layers to protect themselves and customers, because you can’t be 100 percent protected against everything with only one solution.
Want it Secure? Target Both Design and Data Security article says that in today’s increasingly connected world, security applies to servers as well as mobile and remote embedded devices. The latter are often exposed to physical tampering while data travelling over networks is exposed to compromise and hacking. Security depends on securing the complete connected universe.
How safe is your network? Is Your Network Safe? article tells that just a few years ago, plants didn’t have to worry about the safety of their networks. From an IT point of view, plants were silos — succinct and secure. That changed over the past decade. To improve efficiency, plants connected out to the company’s back office and beyond to suppliers and customers. Most of the connectivity runs along Internet connections. This extended network prompted a battle between the organization’s IT team and the control folks on the factory floor. If your plant is running 24/7, you can’t add patches and reboot without shutting down the plant. In addition, the plant is now vulnerable to hacking (terrorists, hackers, competitors and disgruntled employees).
Six Ways to Improve SCADA Security blog article tells that when it comes to securing SCADA networks, we are usually years or even decades behind when compared to securing typical IT networks. The article presents some of the SCADA security’s most daunting challenges along with some recommendations to secure SCADA networks.
1. A SCADA network is inadvertently connected to a company’s IT network or even to the internet
2. ‘Data presentation and control’ now runs off-the-shelf software
3. Control systems not patched
4. Authentication and authorization
5. Insecure ‘datacommunication’ protocols
6. Long life span of SCADA systems
Understanding cyberspace is key to defending against digital attacks article tells that in recent years, there has been one stunning revelation after the next about how such unknown vulnerabilities were used to break into systems that were assumed to be secure.
Growing numbers of other kinds of machines and “smart” devices are also linked in to Internet: security cameras, elevators and CT scan machines; global positioning systems and satellites; jet fighters and global banking networks; commuter trains and the computers that control power grids and water systems. “We have built our future upon a capability that we have not learned how to protect,” former CIA director George J. Tenet has said.
As commercial and civil network infrastructures become increasingly dependent on arrays of Internet-connected computers, they are becoming increasingly susceptible to attack from hostile nations, non-governmental terrorist groups and cyber criminals.
“Companies want to make money” “They don’t want to sit around and make their software perfect.” Many of vulnerabilities are related to errors in code designed to parse data sent over the Internet. The software makers often failed to heed the warnings from security researchers and some vulnerabilities remained for a long time. And even in cases where the manufacturer has a fix, the customer might hot apply it any time soon because in many cases you can’t add patches and reboot without shutting down the plant.
Want it Secure? Target Both Design and Data Security article says that adding robust security features to a design can substantially impact the complexity, power consumption and cost of a system. These challenges include supporting the computational complexity required to run advanced cryptographic algorithms; providing secure insertion and storage of encryption keys, and authenticating and encrypting data exchanged over public network connections.
HP Cyber Security Risk Report says that the number of SCADA systems vulnerabilities have risen in last few years very much. In 2008 there were 22 holes in them. In year 2012 there were 191 holes in SCADA systems. This means 768 percent growth since 2008.