This page contains a Flash digital edition of a book.
DATA ACQUISITION FEATURE


Systems Agency) director, said: “We recognize the enemy will use the Internet to recruit, to take down SCADA systems. In short, we expect a cyberattack as a prelude to war.”


Is your SCADA system at risk from attack?


In 2016, cyber security will be one of the top concerns


for SCADA and ICS operators. By ensuring protection is planned into the system from the beginning, security can


be strengthened and attacks can be countered, writes Deborah Galea, manager, OPSWAT


upervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) that control key functions in critical infrastructure are at risk of cyber attack. If saboteurs manage to compromise critical infrastructure services, a country’s economy and military defences can be severely hampered. In addition, since organisations that operate critical infrastructure often own valuable intellectual property, this information can be a target for foreign state actors trying to steal intellectual property to advance their economies or to win competitive bids. The past year has highlighted the


S


growing risk of SCADA attacks and shown that security needs to be improved: • December 2014 - SCADA attack causes physical damage: An unnamed German Steel Mill suffered extensive damage from a cyber attack. The attackers were able to disrupt the control system and prevent a blast furnace from being shut down, resulting in ‘massive’ damage.


• March 2015 - Energy sector hit the hardest: A report by the US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) found that it received 245 cyber incident


reports from asset owners and industry partners in the fiscal year of 2014. The largest number of these incidents (79) occurred in the energy sector.


• April 2015 - Number of SCADA attacks doubles: According to the 2015 Dell Security Annual Threat Report, SCADA attacks are on the rise. The report found that, in 2014, the number of attacks on SCADA systems doubled compared to the previous year. Most of these attacks occurred in Finland, the United Kingdom and the United States. This is probably due to the fact that in these countries SCADA systems are more likely to be connected to the internet.


• October 2015 - Nuclear industry especially at risk: Chatham House, a UK think-tank, reported that the risk of a cyber attack on nuclear infrastructure is growing. The trend towards the digitization of SCADA systems is increasing the vulnerability of nuclear facilities, and many are inadequately prepared. Even where facilities are air- gapped, this safeguard can be breached with nothing more than a flash drive. • November 2015 - SCADA Security priority for US military: At the CyberCon 2015 conference, LTG Alan Lynn, DISA (Defence Information





The past year has highlighted the growing risk of SCADA attacks and shown that security needs to be improved


IMPROVING SECURITY The most common method used to protect SCADA and ICS systems is ‘air-gapping’ the control systems and completely disconnecting them from the internet and the corporate network. However, while attackers are not able to access the system from the outside, this not only severely hampers productivity but it creates a new attack vector in the form of portable media. Since portable media such as USB


devices, CDs and DVDs are often the only way to transfer data into a secure facility, they become the new attack vector for hackers. Not only can USB sticks contain malware, they can also be booby-trapped – Microsoft recently revealed a vulnerability in Windows which could allow an attacker to execute malicious code from a booby-trapped USB. Given these problems, how can SCADA Security be improved? The following three technologies can be used to bolster the security in SCADA and ICS systems: 1. Portable Media Security: By extensively scanning any portable media such as USB sticks, CDs and DVDs for malware before they are allowed to connect to the secure network, as well as applying security policies to limit allowed file types and media devices, the portable media attack vector can be significantly minimised.


2. Data Diode: By making use of a data diode or one-way gateway to connect lower security networks to higher security networks, data transfer is only possible either in or out of the secure network, not vice versa. This significantly improves productivity by providing limited connectivity, while still maintaining the integrity of the secure network since data can only be transferred in one direction.


3. Secure File Transfer: Secure file transfer can be used to safely send data into the secure network. For instance, after scanning portable media for any malware, the files can be sent into the secure network with secure file transfer, avoiding the need to bring portable media into the secure area. This not only improves productivity but also avoids the risk of booby-trapped USB devices being connected to the secure network.


OPSWAT www.opswat.com


INSTRUMENTATION | MARCH 2016 15


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56