What are the main security threats faced by SCADA networks?

People seem to worry a lot more about physical attacks than they do about attacks on infrastructure, which I suppose is understandable. Still, there are a lot of SCADA networks out there connected to critical components of infrastructure. What are the biggest security threats to these networks? Are they vulnerable to someone penetrating them and causing damage?
You might want to check out this white paper on SCADA security challenges. It talks about some security threats, who the attackers are, and some solutions for securing SCADA systems:
SCADA security issues

"SCADA systems that tie together decentralized facilities such as power, oil, and gas pipelines and water distribution and wastewater collection systems were designed to be open, robust, and easily operated and repaired, but not necessarily secure.[12] The move from proprietary technologies to more standardized and open solutions together with the increased number of connections between SCADA systems, office networks, and the Internet has made them more vulnerable to types of network attacks that are relatively common in computer security. For example, United States Computer Emergency Readiness Team (US-CERT) released a vulnerability advisory[13] that allowed unauthenticated users to download sensitive configuration information including password hashes on an Inductive Automation Ignition system utilizing a standard attack type leveraging access to the Tomcat Embedded Web server. Security researcher Jerry Brown submitted a similar advisory regarding a buffer overflow vulnerability[14] in a Wonderware InBatchClient ActiveX control. Both vendors made updates available prior to public vulnerability release. Mitigation recommendations were standard patching practices and requiring VPN access for secure connectivity. Consequently, the security of some SCADA-based systems has come into question as they are seen as potentially vulnerable to cyber attacks.[15][16][17]

In particular, security researchers are concerned about:

- the lack of concern about security and authentication in the design, deployment and operation of some existing SCADA networks
- the belief that SCADA systems have the benefit of security through obscurity through the use of specialized protocols and proprietary interfaces
- the belief that SCADA networks are secure because they are physically secured
- the belief that SCADA networks are secure because they are disconnected from the Internet."
This document might be of interest to you; it goes over ways to improve cyber security of SCADA networks:
