SCADA SYSTEMS AND CYBER-THREATS
Updated: Jun 21, 2020
SCADA, an acronym for Supervisory Control and Data Acquisition, is a computer-based system consisting of software and hardware components that help an industrial establishment gather and keep track of real-time data. By monitoring a plant or industrial processes, it helps manage industrial operations such as water and waste control, water treatment and distribution, oil and gas pipelines, telecommunications, electricity management, transportation, etc., with motorized control and remote human management.
HOW DOES A SCADA SYSTEM FUNCTION?
SCADA systems have been used since the early 1960s and are one of the most standard types of Industrial Control Systems (ICS). This systematic, cost-efficient and interoperable system has led to a massive transformation from traditional proprietary protocols to the modern Transmission Control Protocol (TCP) / Internet Protocol (IP). But how does a SCADA system work? Let’s take an example. Large industrial establishments have huge oil and gas pipelines that transfer various chemicals. Suppose there is a pipeline leak in the oil and gas sector of such an establishment. The SCADA system gathers information on where the leak has taken place and how large it is, conveys this information back to the central site to alert the home station, and then displays it in a well-organized manner on the operator's computer screen.
Just like any other network, these systems are under threat from cyber-attacks from several sources, which renders them vulnerable. Since SCADA is a real-time control system, a successful attack on it can quickly bring down any part of the nation’s infrastructure and can have more dire consequences than a ‘denial of service’ attack on a corporate site. The objective behind such a cyber-attack can range from a hacker trying to gain access to demand a ransom to a terrorist who wants to disturb the working of the industrial organization, which may, in turn, lead to a serious menace that disables the entire system. The 2010 cyberattack on Iran’s nuclear enrichment program by the Stuxnet worm was one of the most devastating SCADA attacks ever recorded and made public so far. The attack considerably slowed down Iran’s nuclear program. Some of the types of SCADA network threats are:
Hackers: Hackers are malicious individuals or groups whose intention is to gain access to key components in SCADA networks and control them from the inside, so that they can gather sensitive information and disrupt business operations. These hackers can also be involved in a government’s master plan of cyber warfare.
Inside errors: Unintentional human errors and technical errors can cause as much harm as external attacks or threats. Network issues and disruption are a major cause of inside errors. Technological errors owing to a lack of software and hardware maintenance, outdated software and hardware, or bad code can also cause inside errors. Besides, human errors due to poor or limited training, or carelessness on the part of employees, increase the threat to SCADA cybersecurity.
Terrorists: Terrorists are a group of individuals who are driven by political, ideological or religious motives to cause as much damage, harm and destruction as possible in the industrial organization. Hackers, on the one hand, use the sensitive information for some sordid gain, but terrorists have no such intention or motive.
Malware: Malware such as spyware, computer viruses or ransomware may pose a significant threat without actually targeting a SCADA network. It may not particularly target the network, but it can still pose a significant threat to the key infrastructure that helps manage and control the SCADA network. By not opening unusual emails or clicking on unsafe websites, one can avoid this kind of cyber-threat.
Now that we have discussed the cyber-threats, how can one possibly avoid such a thing?
By applying network segmentation.
By using adequate security measures between the ICS network and the corporate network.
By maintaining strict policies for devices that are allowed to connect to SCADA networks.
By restricting the roles of transitory SCADA nodes to a single purpose.
By hardening the perimeter, etc.
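One way to check the first three measures against recorded traffic, given here as an added example that is not part of the original article. The zone address ranges, permitted conduits, approved device list and flow records are all constructed for illustration.

```python
import ipaddress

# Constructed zones and policy for illustration; not from the article.
ZONES = {
    "corporate": ipaddress.ip_network("10.10.0.0/16"),
    "dmz": ipaddress.ip_network("10.20.0.0/24"),
    "ics": ipaddress.ip_network("10.30.0.0/24"),
}
# Permitted conduits: (source zone, destination zone, destination TCP port).
ALLOWED_CONDUITS = {
    ("corporate", "dmz", 443),  # business users read data from a DMZ server
    ("ics", "dmz", 443),        # SCADA servers push data out to the DMZ
    ("ics", "ics", 502),        # Modbus/TCP inside the control network
}
# Devices approved to connect to the SCADA network (strict device policy).
APPROVED_ICS_DEVICES = {"10.30.0.10", "10.30.0.21", "10.30.0.22"}

def zone_of(addr):
    """Map an IP address to its zone name, or 'external' if none matches."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"

def audit(flow_lines):
    """Return (flow, reason) for every 'src dst port' record that breaks policy."""
    findings = []
    for line in flow_lines:
        src, dst, port = line.split()
        src_zone, dst_zone = zone_of(src), zone_of(dst)
        # Any address seen inside the ICS range must be an approved device.
        for addr, zone in ((src, src_zone), (dst, dst_zone)):
            if zone == "ics" and addr not in APPROVED_ICS_DEVICES:
                findings.append((line, f"unapproved device {addr} on ICS network"))
        # Traffic may cross zones only through an explicitly permitted conduit.
        if (src_zone, dst_zone, int(port)) not in ALLOWED_CONDUITS:
            findings.append((line, f"no conduit {src_zone}->{dst_zone} tcp/{port}"))
    return findings

# Constructed flow records: source, destination, destination port.
SAMPLE_FLOWS = [
    "10.10.4.7 10.20.0.5 443",      # corporate to DMZ: permitted
    "10.30.0.10 10.30.0.21 502",    # approved devices inside ICS: permitted
    "10.10.4.7 10.30.0.21 502",     # corporate straight into ICS: violation
    "10.30.0.99 10.30.0.22 502",    # unknown device on ICS network: violation
    "203.0.113.8 10.30.0.10 3389",  # outside address reaching ICS: violation
]

if __name__ == "__main__":
    for flow, reason in audit(SAMPLE_FLOWS):
        print(f"{flow:30} {reason}")
```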
To maintain cyber-security, one has to constantly be attentive. Even though SCADA systems are considered vital in large industrial organizations, they come with several weaknesses. Security checks, constant monitoring and reporting, and standard protocols can help reduce such threats.
ABOUT THE AUTHOR:
Jhanavi Shah is a 3rd-year law student pursuing law at M.K.E.S College of Law, Mumbai.
You can contact her at https://www.linkedin.com/in/jhanavi-shah-3045b21a3/
Editor: Rudra Prasad