Wurldtech

The results clearly show that while the business network (either LAN or WAN) was a major source, it was certainly not the only source. Secondary pathways such as dial-up connections, wireless systems, public telecommunications networks, VPNs, and third-party connections were all significant contributors.

While shocking to some, the large number and variety of pathways common in automation systems is corroborated both by the keynote presentation at the 2006 Process Control Security Forum (PCSF) and by a recent ARC Advisory Group survey [6]. The PCSF paper reported that at one representative large energy company, 80 to 90% of all control networks were shown to be connected to the enterprise network, which in turn is interconnected to the Internet. In the ARC survey, control engineers were asked about the types of connections that their automation networks had to the outside world. The summary results are shown to the left. Notice that the percentages in the ARC study do not add up to 100%, indicating that many automation networks had multiple connections. Both the research team’s experience in conducting site security audits on control systems and the results in Fig. 6 indicate that most facilities have multiple pathways into their control system, not just one. For example, one survey in 2004 uncovered 17 different pathways, while site management believed that the only pathway was a single data historian link between the control system and the business network.

The use of older technologies such as dial-up modems for remote support and the integration of new technologies such as VPN access, laptops, and IEEE 802.11 wireless present many pathways for attackers to gain access into the SCADA and process control networks. These include:

  • Modems: Both leased-line and dial-up modems have been in use for decades to allow the remote support of control systems and are still widespread, especially on control devices that use serial communications or are located in remote locations. For example, the connection of maintenance modems to protection relays in substations is a largely accepted practice throughout the North American power industry. Unfortunately, many of these modem/device pairs have been shown to have either no password or trivial passwords. Some are even so old as to not allow passwords at all.
  • Wireless: SCADA and control systems companies use wireless technology in many ways. Traditionally, SCADA networks over large physical areas used licensed-band radio systems to allow remote nodes to communicate with a centralised management host. More recently, the large-scale use of 802.11 WLANs has created countless opportunities for intrusion and information theft.
  • Third-party connections: Generally used for remote support by control systems vendors or product transfer by raw materials suppliers, these connections interconnect the control system to an outside network that may not follow the same security policies. Dial-up, long-haul serial, unencrypted wide area network, radio frequency, and VPN style connections are all used.
  • VPNs: Often deployed as part of a third-party connection, these use encryption technologies such as SSL and IPsec to tunnel so-called secure communications across insecure networks (such as the Internet) and into the control network. Since the traffic is encrypted, it is commonly believed to be secure. However, VPNs do not protect the network and workstations against most data-driven attacks (e.g., viruses) when the end-nodes or networks are not also secured [7]. Additionally, such connections can often bypass firewall rules because data is received in an encrypted format and cannot be checked by the firewall.
  • Mobile devices: Laptops, PDAs and Flash drives are often used in a variety of environments, each with different security policies and practices. This allows the spillover of security issues from one system to the other. For example, if laptops are used both in the plant environment and in a less secure home environment, malware obtained in one setting may be unwittingly transferred to the other.
  • Internet: While commonly denied, both the ARC Study and a number of the incidents in the ISID show that control systems do get connected directly to the Internet. Reasons for this include a desire to download system patches or antivirus updates from vendor web sites, as well as a misguided desire to conduct typical office activities (such as email) from the plant floor.
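
The gap described above, between the single historian link that site management believed in and the pathways an audit actually finds, can be checked for IP-based connections by comparing observed boundary-crossing flows against the documented conduit list. The sketch below is an added example, not part of the original paper; the address plan, zone names, historian port and flow records are all constructed assumptions.

```python
import ipaddress
from collections import Counter

# Constructed address plan (assumption): subnet for each zone.
ZONES = {
    "control": ipaddress.ip_network("10.10.0.0/16"),
    "business": ipaddress.ip_network("10.20.0.0/16"),
    "vendor_vpn": ipaddress.ip_network("172.16.50.0/24"),
    "wireless": ipaddress.ip_network("10.30.0.0/24"),
}

# The single pathway on the site drawings: business LAN -> data historian.
DOCUMENTED = {("business", "10.10.1.5", 1433, "inbound")}

# Constructed flow records (src_ip, dst_ip, dst_port), e.g. from firewall logs.
FLOWS = [
    ("10.20.4.11", "10.10.1.5", 1433),    # business -> historian (documented)
    ("10.20.4.11", "10.10.1.5", 1433),
    ("172.16.50.7", "10.10.2.20", 502),   # vendor VPN -> controller
    ("10.30.0.44", "10.10.2.20", 502),    # WLAN client -> controller
    ("10.10.3.9", "203.0.113.10", 443),   # control workstation -> Internet
    ("10.10.2.20", "10.10.1.5", 1433),    # inside control zone, ignored
    ("10.20.4.11", "10.20.4.12", 445),    # never touches control zone, ignored
]

def zone_of(ip):
    """Map an address to a zone; anything outside the plan counts as Internet."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "internet"

def find_pathways(flows):
    """Count flows per (peer zone, control host, port, direction) crossing the boundary."""
    paths = Counter()
    for src, dst, port in flows:
        zs, zd = zone_of(src), zone_of(dst)
        if (zs == "control") == (zd == "control"):
            continue  # both ends inside, or both outside, the control zone
        if zd == "control":
            paths[(zs, dst, port, "inbound")] += 1
        else:
            paths[(zd, src, port, "outbound")] += 1
    return paths

def undocumented(flows):
    """Pathways seen on the wire that are missing from the documented set."""
    return sorted(k for k in find_pathways(flows) if k not in DOCUMENTED)
```

Dial-up and leased-line modems, serial links and removable media never appear in IP flow data, so those pathways still have to be found by physical inventory.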