Automation systems security issues

Supervisory Control and Data Acquisition (SCADA) systems are used for remote monitoring and control in the delivery of essential services and products such as electricity, natural gas, water, waste treatment and transportation. They used to run in closed networks, but nowadays more and more automation and control equipment is connected to the Internet. Many devices are intentionally connected to allow remote operation, and some are connected unintentionally. Many control systems connected to the Internet have serious security issues (for example, some have default passwords and some have known security vulnerabilities in their software).

Researchers at Aalto University did a study in January 2013 to look into the status of Finnish cyber-security. The researchers found 185 000 devices in Finland that answer HTTP requests. There is nothing wrong with that. What is alarming is that they found 2915 automation system devices pretty openly connected to the Internet in Finland (in a re-check done in March 2013 some of them were no longer on the network, but 1969 devices were still visible). Those open devices can be accessed from the public network, and 60 per cent of the devices found have known vulnerabilities. A number of devices also have user names and passwords that are easy to find out.

The conclusion was that it would be quite possible to disrupt Finnish society with network attacks on open automation systems. Compromised systems were found in power plants, hospitals, industrial automation systems, building automation, one prison and a traffic control system. Most of the devices found should hardly be open to the Internet at all, because that leaves them vulnerable to attack.

For more details read the full report Suomen automaatioverkkojen haavoittuvuus – Raportti Internetissä julkisesti esillä olevista automaatiolaitteista. The report is written in Finnish. It is interesting reading.

The researchers used the Shodan search engine to find those devices. They relied on the information given by the search engine and did not test whether those systems were hackable (that would have been illegal).

It is estimated that this search engine has mapped only 20 to 30 percent of Finland’s IP addresses, so in reality there are many more vulnerable devices connected to the Internet in Finland. It is quite possible that Finland has up to 10 000 automation systems open to network attacks.

What is this Shodan that the researchers used to get information on those devices? It is a special search engine that tries to map everything connected to the Internet, from desktop computers to network printers to Web servers. Over the past two years, Shodan has gathered data on nearly 100 million devices, recording their exact locations and the software systems that run them.

Rather than locating specific content for a particular search term, Shodan is designed to help the user find specific nodes (desktops, servers, routers, switches, etc.) with specific content in their banners (which typically advertise the service and its version). This makes locating devices on the Internet easier. The article "Cyber search engine Shodan exposes industrial control systems to new risks" reports that Homeland Security officials have warned that the obscurity that had protected many industrial control systems was fast disappearing in a flood of digital light.

I also mentioned those dangers in my Security trends for 2013 article. The designers and installers who put together those automation systems should be more careful in what they do. And the people who buy those systems should also think about the safety (and demand it) instead of just looking for the cheapest price. There are many ways to protect those devices and to communicate through the Internet safely. Advice to companies that use automation systems: check the protection of your systems.
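One way to act on that advice, as an added example that is not part of the original article: take the results of an outside-in scan of your own address space and flag services whose port or banner identifies automation equipment. The address range, the sample records, the banner keyword list and the function name `audit` are assumptions made for illustration.

```python
import ipaddress
import re

# Address space the organization owns (constructed; documentation range).
OWN_NETS = [ipaddress.ip_network("203.0.113.0/24")]
# Well-known automation protocol ports.
ICS_PORTS = {102: "Siemens S7 (ISO-TSAP)", 502: "Modbus/TCP", 1911: "Niagara Fox",
             20000: "DNP3", 44818: "EtherNet/IP", 47808: "BACnet/IP"}
# Banner keywords that suggest an automation product (assumed, extend as needed).
HINTS = re.compile(r"\b(scada|plc|hmi|modbus|bacnet)\b")
# Ports where a device login page or console would be reachable.
ADMIN_PORTS = {21, 23, 80, 443, 8080}

# Constructed sample: services seen from outside the perimeter.
SAMPLE = [
    {"ip": "203.0.113.10", "port": 80, "banner": "HTTP/1.1 200 OK\r\nServer: Example-HMI/1.0"},
    {"ip": "203.0.113.11", "port": 502, "banner": ""},
    {"ip": "203.0.113.20", "port": 443, "banner": "HTTP/1.1 200 OK\r\nServer: nginx"},
    {"ip": "198.51.100.5", "port": 502, "banner": ""},  # not ours: out of scope
]

def audit(records, own_nets=OWN_NETS):
    """Return findings for automation services exposed in our own address space."""
    findings = []
    for rec in records:
        addr = ipaddress.ip_address(rec["ip"])
        if not any(addr in net for net in own_nets):
            continue  # only assess addresses the organization owns
        reasons = []
        if rec["port"] in ICS_PORTS:
            reasons.append(f"control protocol {ICS_PORTS[rec['port']]} reachable")
        hits = sorted(set(HINTS.findall(rec.get("banner", "").lower())))
        if hits:
            reasons.append("banner identifies automation product: " + ", ".join(hits))
        if reasons and rec["port"] in ADMIN_PORTS:
            reasons.append("management interface exposed; check for default credentials")
        if reasons:
            findings.append({"ip": rec["ip"], "port": rec["port"], "reasons": reasons})
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f['ip']}:{f['port']}")
        for reason in f["reasons"]:
            print("  -", reason)
```

Each finding is a candidate for moving behind a VPN or firewall rule rather than being left reachable from the public network.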

74 Comments

  1. jual nano says:

    Greetings! Very useful advice in this particular post!
    It is the little changes that will make the most important changes.

    Thanks a lot for sharing!

    Reply
  2. stupid , says:

    I like what you guys are up to. Such clever work and
    reporting! Keep up the superb works guys I’ve included you guys
    to my blogroll.

    Reply
  3. Jackson Mitchell says:

    Hello, great recommendation and an exciting post,
    it’ll be interesting if this is still the
    state of affairs in a few months time

    Reply
  4. Scarlett Reynolds says:

    I seldom discuss these items, but I assumed this
    one deserved a well done

    Reply
  5. Claire Richardson says:

    Hello, fantastic recommendation and an fascinating article,
    it will be exciting if this is still the case in a
    few years time

    Reply
  6. Zoey Patterson says:

    I very rarely comment on these items, but I thought this one deserved a thumb up

    Reply
  7. Leah Russell says:

    Hi, great suggestion and an interesting article post, it’ll be exciting if this is still
    the situation in a few months time

    Reply
  8. William Scott says:

    Hi, important information and an interesting
    post, it is going to be interesting if this is still the situation in a few months time

    Reply
  9. William King says:

    Extremely exciting short article

    Reply
  10. Jack Sanchez says:

    Impressive Read, I liked the communications of the acm algorithm 357 section

    Reply
  11. electrical industrial contractors des moines says:

    “Like plumbing, electrical service is one of those conveniences that gets attention only when it breaks down,” says Stone.
    Test equipment is generally used for testing: The voltage The measurement
    of current, resistance, induction or capacitance The use of wrong
    instrument can not only harm the electric flow but also cause loss of life and damage to machinery.
    Since 1991 Mahaffey Electrical has been providing expert service in the Laguna Wood area.

    Reply
  12. Yunicitraindah.com says:

    Hi to every body, it’s my first pay a visit of this weblog;
    this weblog consists of awesome and truly excellent data designed for visitors.

    Reply
  13. Kristopher says:

    This is really attention-grabbing, You’re a very professional
    blogger. I have joined your rss feed and stay up
    for in the hunt for extra of your wonderful post. Additionally,
    I’ve shared your website in my social networks

    Reply
  14. lawyer Detroit Mi says:

    Spot on with this write-up, I truly believe that this site needs a great deal more attention. I’ll probably be returning to read more, thanks for the info!

    Reply
  15. Dwi attorney Mi says:

    May I simply say what a relief to discover somebody who genuinely understands what they are
    discussing online. You actually understand how to bring a problem to light and make it important.
    More and more people really need to check this out and
    understand this side of your story. It’s surprising you are not more
    popular given that you certainly possess the gift.

    Reply
  16. coolest 42 says:

    Hello everyone, it’s my first visit at this web site, and
    post is truly fruitful in favor of me, keep up posting these content.

    Reply
  17. Arenero Para Incendio says:

    Hey there! I’ve been reading your site for a while now and finally got the courage to go ahead and give you
    a shout out from Humble Tx! Just wanted to say keep
    up the fantastic work!

    Reply
  18. tipo de extintores says:

    Hi, just wanted to tell you, I loved this post. It was inspiring.

    Keep on posting!

    Reply
  19. carga de extintores says:

    It’s difficult to find educated people in this particular topic,
    however, you sound like you know what you’re talking about!
    Thanks

    Reply
  20. site internet says:

    Remarkable things here. I’m very happy to peer your post.
    Thank you a lot and I’m taking a look ahead to contact you.

    Will you please drop me a mail?

    Reply
  21. home security systems rankings says:

    Dope work. Thanks for doing this work.

    Reply
  22. entrepreneurship says:

    My partner and I stumbled over here different page and thought I may as well check things out.
    I like what I see so i am just following you. Look forward
    to looking into your web page yet again.

    Reply
  23. Tomi Engdahl says:

    Censys is a new Search Engine for devices exposed on the Internet, it could be used by experts to assess the security they implement.
    http://securityaffairs.co/wordpress/42725/hacking/censys-search-engine.html

    Now the hackers and experts have a new powerful tool for their analysis, it is Censys, a search engine quite similar to the most popular Shodan. Censys is a free search engine that was originally released in October by researchers from the University of Michigan, it is currently powered by Google.

    https://www.censys.io

    Reply
