SCADA: Vulnerabilities, Risk, and Resolutions


“SCADA systems face ongoing security risks, including unauthorized access to software and network
segments, as seen in the ransomware attack on a California-based facility in August 2021. Additionally,
the widespread use of mobile applications introduces vulnerabilities, as highlighted by research findings
revealing numerous security flaws. Implementing measures like network segmentation and strict user
authorization protocols is crucial for mitigating these risks and protecting SCADA systems from cyber
threats.”
Vulnerabilities of Critical Infrastructure Systems
The security of SCADA systems, and how well protected they truly are, is constantly
questioned. One major threat is unauthorized personnel being able to obtain access to
unauthorized software. This type of problem can come from a human tampering with the
HMI, or from changes that were induced intentionally, such as virus infections or
anything else that could affect the control host machine. SCADA systems have been
compromised numerous times. In August 2021, a
California-based facility called WWS fell victim to a cyberattack orchestrated by malicious
individuals. These attackers employed a form of computer virus known as Ghost variant
ransomware to infiltrate the facility’s systems. This ransomware is designed to encrypt important
files and demand a ransom from the victim in exchange for their release. What’s particularly
concerning is that the ransomware had been lurking within the facility’s computer network for
about a month before its presence was detected. The breach was discovered when three
supervisory control and data acquisition (SCADA) servers at the facility displayed a ransomware
message, alerting the staff to the intrusion. This incident highlights the ever-present threat of
cyberattacks and the importance of robust cybersecurity measures to safeguard against such
malicious activities. (Ongoing Cyber Threats to U.S. Water and Wastewater Systems | CISA,
2021)
Another major threat to SCADA infrastructure is packet access to the network segments
that hold SCADA devices: anyone who can send packets to a SCADA device has control of,
or access to, it. SCADA systems use a VPN for protection, but this does not account for
the fact that physical access to these systems allows a person to bypass the security on
the control software and control SCADA networks. Mobile applications are
widely used by engineers for both local and remote control of Programmable Logic Controllers
(PLCs) and Remote Terminal Units (RTUs). This means they can manage these systems either
onsite or from a distance via the internet. However, the convenience offered by these applications
also introduces a vulnerability. In 2018, researchers Alexander Bolshev and Ivan Yushkevich
conducted a study which revealed significant concerns. They identified a total of 147
vulnerabilities across 20 different applications. These vulnerabilities could potentially allow
malicious actors to directly interfere with industrial processes or manipulate operators into
making incorrect decisions regarding critical operations. Therefore, while mobile apps provide
flexibility and accessibility, it’s essential to address these security vulnerabilities to prevent
exploitation and protect industrial systems from potential harm. (One Flaw Too Many:
Vulnerabilities in SCADA Systems, n.d.)
Cyber risk solutions for SCADA
The examples provided above are cyber crimes that have already been reported, so
the issues have been resolved. The first issue may have been resolved by applying
network segmentation. Network segmentation partitions networks, which prevents the
spread of malware and contains an attack before it begins to spread. It also minimizes
the probability that sensitive information gets exposed. SCADA operators could also
manage their authorization and user accounts, which means regularly monitoring who
accesses, and who is authorized for, particular SCADA devices and systems. This will
help reduce unexpected openings for cybercrime and physical threats. (One Flaw Too
Many: Vulnerabilities in SCADA Systems, n.d.)
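The following added example, which is not part of the original article, shows how a segmentation policy of the kind described above can be checked against observed traffic: every flow that crosses a zone boundary must match an explicitly allowed conduit, otherwise it is reported. The zone names, address ranges, permitted ports and flow records are all constructed for illustration.

```python
import ipaddress

# Constructed zone plan (assumption): three segments with sample RFC 1918
# ranges. None of these addresses come from the article.
ZONES = {
    "corporate": ipaddress.ip_network("10.10.0.0/16"),
    "dmz":       ipaddress.ip_network("10.20.0.0/24"),
    "control":   ipaddress.ip_network("10.30.0.0/24"),  # HMIs, PLCs, RTUs
}

# Allowed conduits: (source zone, destination zone) -> permitted TCP ports.
# Any cross-zone flow not listed here is a violation (default deny).
CONDUITS = {
    ("corporate", "dmz"): {443},   # HTTPS to a data server in the DMZ
    ("dmz", "control"): {4840},    # OPC UA from the DMZ data collector
}

def zone_of(addr):
    """Map an IP address to its zone name, or 'external' if unknown."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"

def audit_flows(flows):
    """Return the flows that cross a zone boundary without a conduit."""
    violations = []
    for src, dst, port in flows:
        sz, dz = zone_of(src), zone_of(dst)
        if sz == dz:
            continue  # traffic inside one zone is not a segmentation issue
        if port not in CONDUITS.get((sz, dz), set()):
            violations.append((sz, dz, src, dst, port))
    return violations

# Constructed flow records: (source IP, destination IP, destination port)
SAMPLE_FLOWS = [
    ("10.10.4.17", "10.20.0.5", 443),      # corporate -> DMZ: allowed
    ("10.20.0.5", "10.30.0.11", 4840),     # DMZ -> control: allowed
    ("10.30.0.10", "10.30.0.11", 502),     # HMI -> PLC (Modbus/TCP), same zone
    ("10.10.4.17", "10.30.0.11", 502),     # corporate host straight to a PLC
    ("203.0.113.9", "10.30.0.12", 20000),  # outside address reaching an RTU
    ("10.30.0.10", "10.10.4.17", 445),     # control host to corporate SMB
]

if __name__ == "__main__":
    for v in audit_flows(SAMPLE_FLOWS):
        print("VIOLATION %s -> %s: %s -> %s port %d" % v)
```

The last three sample flows are reported: each bypasses the DMZ and would let malware, or an unauthorized user, move between the business network and the control devices.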
SCADA
SCADA faced issues with unauthorized individuals gaining access to unauthorized software and
network segments holding SCADA devices. However, the described incidents have likely been
reported and resolved. It’s crucial for SCADA and other industrial control systems to remain
vigilant and conduct regular checks on their systems to thwart future cyber-attacks. Maintaining
awareness and implementing consistent monitoring are essential practices in safeguarding
against potential threats. By staying proactive and diligent, SCADA and similar systems can
enhance their security measures and mitigate the risk of unauthorized access and cyber
breaches.
References
One Flaw Too Many: Vulnerabilities in SCADA Systems. (n.d.).
https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/one-flaw-too-many-vulnerabilities-in-scada-systems
Ongoing Cyber Threats to U.S. Water and Wastewater Systems | CISA. (2021, October 25).
Cybersecurity and Infrastructure Security Agency CISA. https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-287a
SCADA Systems – SCADA Systems. (2018, July 25). SCADA Systems.
https://www.scadasystems.net/
