The State of SCADA vulnerabilities
Supervisory control and data acquisition (SCADA) refers to industrial control systems used to control infrastructure processes, facility-based processes, or industrial processes. Watching over all those systems comes with a few vulnerabilities associated with critical infrastructure systems. Although the range of vulnerabilities is wide, it should be noted that SCADA system vulnerabilities still often include unsophisticated bugs like stack and buffer overflows, as well as information disclosure and others. These vulnerabilities allow attackers to execute arbitrary code (RCE), perform denial of service (DoS), or steal information.
Vulnerabilities found in SCADA systems
Finding the vulnerabilities in SCADA systems helps integrators understand how and where to apply mitigations to prevent exploitation and neutralize attacks. SCADA systems oversee many devices, sensors, and software, which equates to a wider attack surface.
The human-machine interface (HMI) displays data from the various sensors and machines connected to a SCADA system. Because of that, the HMI can be a main target for threat actors aiming to gain control over processes or to steal critical information.
Mobile applications are used locally, through tablets that help engineers control PLCs and RTUs. However, a vulnerability in such an application can mean trading convenience for an opening for attacks. In 2018, research by Alexander Bolshev and Ivan Yushkevich revealed a total of 147 vulnerabilities from 20 applications.
Communication protocols such as Modbus and Profinet help control the different mechanisms supervised by SCADA systems. Unfortunately, they lack the security capabilities to defend against these threats. Such threats can damage a SCADA system or cause it to malfunction should an attacker change the data sent from PLCs and RTUs or tamper with firmware.
Defending against SCADA attacks
The fight against exploits means being vigilant for new vulnerability discoveries as well as applying new patches to fix them. Organizations must also keep security measures in place that can defend against cyberattacks. The National Institute of Standards and Technology provided some steps organizations can follow.
Use virtual patching to help manage updates and patches: virtual patching can help manage vulnerabilities and prevent exploits when patches cannot be deployed immediately, or at all.
Apply network segmentation: network segmentation also minimizes the chances that sensitive information is exposed.
Properly manage authorization and user accounts: regularly check and assess who has authorization and access to certain facets of SCADA systems.