Manufacturing and utility organisations using SCADA and ICS must deploy extra cyber security measures to avoid severe infrastructure attacks.
According to Gavin Coulthard, Manager Systems Engineering of Australia/New Zealand, Palo Alto Networks, critical Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICS) are used during manufacturing processes within industries such as electrical, water, oil and gas. These systems have a much higher chance of being attacked by cyber criminals because of the pervasiveness of enterprise data centre environments.
Coulthard recalled that the most well-known SCADA attack was probably Stuxnet, malware that launched a sophisticated attack on an Iranian nuclear facility back in 2010. Since then, SCADA and ICS systems have become more and more vulnerable.
He points out there is also a new threat prevailing where an attack can occur from internal networks, not necessarily from the Internet directly. Because of this, SCADA attacks now yield even more financial incentives to attackers aiming to access valuable data sources. Additionally, many SCADA control systems are managed from ageing Windows servers and desktops, such as Windows XP, that cannot be upgraded as the control software doesn’t run on newer versions of Windows or the upgrade cost is prohibitive, leaving organisations exposed to attacks.
Gavin Coulthard comments that modern-day cyber-attacks on SCADA and ICS systems are incredibly targeted, sophisticated and persistent, which means businesses must implement the right measures to guarantee complete protection of critical infrastructure.
Five ways to protect SCADA and ICS networks
1. Use advanced cyber protection
Measures such as next-generation firewalls work by building a SCADA security zone, which isolates processes from the rest of the network and creates a safety hub.
2. Secure access to the SCADA zone
Security policies should be tied to user identities to ensure non-authorised users are denied access. Technologies such as Secure Sockets Layer (SSL) and a Virtual Private Network (VPN) can achieve this.
3. Eliminate the risk of having to manage multiple ports
Management or backdoor applications such as RDP and Telnet can help ensure each port is protected.
4. Deploy a complete vulnerability protection framework
An entire framework will inspect all traffic traversing the SCADA zone for exploits, malware, botnets and targeted threats.
5. Ensure protection from unsupported operating systems
Deploy a next-generation firewall to effectively detect and defend against Windows XP and SCADA application-specific attacks across the network, ensuring the organisation using SCADA has ongoing protection despite the withdrawal of support for Windows XP.