Fundamentals Of SCADA Security – 4

Security threats to SCADA and RTU

SCADA systems tie together geographically dispersed facilities such as oil and gas pipelines, wastewater collection, and power and water distribution. They were designed to be robust, open, and easy to operate and repair, but not particularly secure. The move from proprietary technologies to standardized, open solutions, together with the growing number of connections between SCADA systems, office networks and the Internet, has exposed them to the same kinds of network attacks that are common in general computer security.
The threat concerns around SCADA and RTUs stem from several factors: a lack of attention to security and authentication in the design, deployment and operation of some existing SCADA networks; the belief that SCADA networks benefit from “security through obscurity” because they use specialized protocols and proprietary interfaces; the belief that SCADA networks are secure enough because they are physically protected; and the belief that they are secure enough because they are disconnected from the Internet.
The security of SCADA systems is therefore an important topic, because the compromise or destruction of these systems affects many areas of society far removed from the original compromise. A blackout caused by a compromised electrical SCADA system, for example, could cause large financial losses to every customer receiving electricity from that source.
Since SCADA is an indispensable part of critical infrastructure, security must be provided not only at the central station but also at the local end devices. These local devices, the RTUs, supply the raw data that the centralized master system processes into the information needed for automation, so every component deserves equal and undivided attention when it comes to security.
SCADA should take steps to maintain the TCIA parameters: timeliness, confidentiality, integrity and availability. Any threat vector that negates one of these parameters must be deterred or, where possible, prevented in order to protect the overall security of the SCADA system.
The security threats to the whole SCADA setup are analyzed below from every angle: human threats, natural or environmental threats, and the threats that arise when networks are considered.

Human threats:

  • Employees who work on SCADA systems can in some cases prove to be the weakest point of those systems, resulting in espionage.
  • Disgruntled employees or operators who work on the systems can be lured by offers from hackers or attackers. They may leak passwords or insert PDAs supplied by attackers into the systems, introducing viruses or worms that cause havoc and indirectly fulfil the attackers’ motive.
  • Reconnaissance attackers capture or gather network information about the control system, map its network architecture and identify device characteristics such as the manufacturer, system address, model number, supported network protocols and system memory map.
  • In many scenarios, unpatched systems lead to problems of unauthorized access to and control over the system.
  • A programmer writing PLC logic in ladder programming may leave logical bugs, such as an uninterruptible situation: a state for which no automation command is specified in the logic, causing the system to crash or stop for some period of time. A SCADA system must not stop even briefly, and if an attacker is able to review the code of that PLC, he or she can discover this vulnerability and study it thoroughly with the intention of exploiting the system.
  • Attacks on SCADA systems can also result from sheer unawareness, carelessness, ignorance and lack of knowledge among the people dealing with the systems. Even when no one attacks the system, the operators themselves can be the cause of adverse effects on it.
  • For example, when an automated building system such as HVAC run under SCADA is knowingly made non-automated or disrupted, it can cause severe inconvenience to an individual or a group; if ventilation is disturbed in an isolated building, the result can be disastrous loss of human life.
Natural threats:

  • Natural disasters can have devastating effects that completely destroy or alter the functioning of a SCADA system.
  • These threats are mostly random and unpredictable, and they affect the region within the physical range of the disaster far more than the areas outside it.
  • Therefore, all critical assets must first be identified, then duplicated, and finally covered by risk mitigation plans to guard against such threats. Natural threats are generally easier to handle than focused cyber attacks.
  • A lack of warnings is one factor that makes responding to these threats more difficult. The severity of the damage can be significantly reduced if there is enough warning to allow an orderly shutdown; if the event occurs with little or no time to prepare, the chance of damage increases.
  • A natural disaster such as an earthquake can cause fatal damage to infrastructure such as the oil and gas, telecommunication and electricity industries that rely on SCADA systems for their operations, including physical damage to computer facilities.
  • Hurricanes, on the other hand, can damage infrastructure such as the oil and gas, chemical and electrical industries that use SCADA systems for routine operations; control systems and equipment may be severely damaged or completely destroyed, resulting in service outages.
Network related threats:

  • Current SCADA practices contain multiple loopholes that invite cyber attacks: poor network security, operating system vulnerabilities, the use of certain wireless devices, and so on.
  • Attacks on devices on the plant floor or in the field, common protocol vulnerabilities, man-in-the-middle attacks, session hijacking and the like are the most common attack vectors, and they adversely affect process systems in general and SCADA systems in particular.
  • Malware attacks are also possible.
  • Response and measurement injection attacks occur where the control system or SCADA uses polling: a client sends request packets to a server, which responds with state information that the HMI then uses.
  • Many control system and SCADA network protocols lack appropriate authentication features, so the true origin of a packet is never verified. This enables attackers to capture and modify the packets that carry sensor reading values.
  • In a recent case from November 2014 in Houston, a water supply SCADA system transmitted its data over the open Internet rather than a private network. The system’s network was hacked, causing problems with the operation of its HMI; the root cause was that the chlorine and fluoride measurements had been tampered with in order to pollute the water distributed within that state.
  • Attackers may also attempt to inject false supervisory control actions into the control system network; these are termed command injection attacks.
  • Another threat is unauthorized access to control software, whether initiated by a human or by changes induced, accidentally or deliberately, by viruses or other malicious software on the host control machine.
  • A further threat concerns packet access on the network segments that host SCADA devices. In most cases a control protocol has no cryptographic security, so an attacker who can send commands over the network can gain control of the SCADA device. A VPN can also be bypassed easily through physical access to SCADA network jacks and switches.
  • SCADA systems are also vulnerable to electromagnetic pulse (EMP) events. In addition, the networks associated with SCADA systems and RTUs are rarely hardened, which makes attacks more feasible. The lack of encryption, together with attack vectors such as ARP spoofing and packet flooding, further illustrates the threat scenarios facing SCADA systems as a whole.
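The bullets above describe three gaps in polled telemetry: packets whose origin is never authenticated (so sensor readings can be modified in transit), the absence of cryptographic protection on the control protocol, and tampered chlorine and fluoride measurements reaching the HMI. The following added example, written for this article and not taken from any real SCADA protocol or product, shows what a master station can do about all three: each RTU poll response carries an HMAC-SHA256 tag over a sequence counter, a timestamp and the readings, and the master rejects frames that fail the tag, repeat or reverse the counter, are stale, or carry readings that are out of range or jump implausibly between polls. The frame layout, the shared key, the field names, the bounds and all sample values are constructed for the illustration.

```python
"""
Added example: authenticated RTU poll response with plausibility checks at
the master.  Everything here (frame layout, key, bounds, values) is
constructed for illustration and is not a real SCADA protocol.
"""
import hashlib
import hmac
import struct

# Constructed frame: | seq:uint32 | ts:uint32 | chlorine_x100:uint16 | fluoride_x100:uint16 | tag:32 bytes |
HEADER = struct.Struct(">IIHH")
TAG_LEN = 32

# Placeholder shared key (in practice provisioned per RTU from a key store).
SHARED_KEY = b"example-shared-key-not-for-production"

# Constructed plausibility bounds, in mg/L * 100.
BOUNDS = {"chlorine": (0, 400), "fluoride": (0, 200)}
# Constructed maximum change allowed between two consecutive polls.
MAX_DELTA = {"chlorine": 50, "fluoride": 30}
# A reading older than this (seconds) fails the timeliness check.
MAX_AGE_S = 5


def build_frame(key, seq, ts, chlorine, fluoride):
    """RTU side: serialise the readings and append an HMAC-SHA256 tag."""
    body = HEADER.pack(seq, ts, chlorine, fluoride)
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return body + tag


class MasterVerifier:
    """Master side: accept a frame only if it is authentic, fresh and plausible."""

    def __init__(self, key, now):
        self.key = key
        self.now = now        # injected clock keeps the example deterministic
        self.last_seq = -1    # highest sequence number accepted so far
        self.last = None      # last accepted readings, for rate-of-change checks

    def verify(self, frame):
        """Return (accepted, reason, readings)."""
        if len(frame) != HEADER.size + TAG_LEN:
            return False, "bad length", None
        body, tag = frame[:HEADER.size], frame[HEADER.size:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time compare; a modified reading or an unkeyed sender fails here.
        if not hmac.compare_digest(tag, expected):
            return False, "bad tag (tampered or unauthenticated)", None
        seq, ts, chlorine, fluoride = HEADER.unpack(body)
        if seq <= self.last_seq:
            return False, "replayed or out-of-order sequence", None
        if self.now - ts > MAX_AGE_S:
            return False, "stale reading", None
        readings = {"chlorine": chlorine, "fluoride": fluoride}
        for name, value in readings.items():
            lo, hi = BOUNDS[name]
            if not lo <= value <= hi:
                return False, f"{name} out of range", readings
            if self.last is not None and abs(value - self.last[name]) > MAX_DELTA[name]:
                return False, f"{name} implausible jump", readings
        self.last_seq = seq
        self.last = readings
        return True, "ok", readings


def demo():
    """Run five constructed frames through the verifier and return the reasons."""
    now = 1000
    master = MasterVerifier(SHARED_KEY, now)
    reasons = []
    good = build_frame(SHARED_KEY, 1, now - 1, 150, 70)      # genuine response
    reasons.append(master.verify(good)[1])
    tampered = bytearray(good)
    tampered[8] ^= 0xFF                                      # chlorine field modified in transit
    reasons.append(master.verify(bytes(tampered))[1])
    reasons.append(master.verify(good)[1])                   # same frame replayed
    jump = build_frame(SHARED_KEY, 2, now, 390, 70)          # authentic but implausible reading
    reasons.append(master.verify(jump)[1])
    stale = build_frame(SHARED_KEY, 3, now - 60, 150, 70)    # authentic but too old
    reasons.append(master.verify(stale)[1])
    return reasons


if __name__ == "__main__":
    for reason in demo():
        print(reason)
```

The tag supplies the integrity and origin authentication the text says most control protocols lack, the sequence counter defeats replay of a captured response, the timestamp enforces the timeliness parameter of TCIA, and the range and rate-of-change checks give the HMI a second line of defence against injected measurements even when a key has been compromised. Rejected frames should be logged with their reason so that a burst of "bad tag" or "implausible jump" results can be alerted on as a possible injection attempt.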