SCADA Security




Whats the risk?


Just some food for thought, watch this first (ABC News, 2013).

Within our Lab the system is secure, or is it?

Whatever you think security must be a serious consideration when designing systems. I have compiled a few articles to reinforce this.

Operatives vacuumed up caches of e-mails, engineering PDFs and other documents, but it was their focus on supervisory control and data acquisition, or SCADA, systems in industrial computers that most concerned U.S. officials, according to people familiar with the incidents. Attackers could use SCADA systems to manipulate valves to build up pressure and burst pipes or shut down a power plant (Riley and Robertson, 2014).
Riley and Robertson(2014) go on to claim that the prevailing theory, according to two former senior national security officials, is that the hackers were only testing their skills and stockpiling data, preparing for a war their bosses may never wage, much as the U.S. and Soviet Union built nuclear weapons inventories during the Cold War.

Quite a scary thought, if the system is open, then it can be hacked. 

What could be the consequences?

A blackout hits major cities. Streets flood. Trains grind to a halt. Banks lose data simultaneously. A large-scale strategic attack is executed within minutes over the internet. It sounds far-fetched, but the US is taking the threat of a cyber 9/11 very seriously (ABC News, 2013). 

'The US claims China is behind the biggest transfer of wealth in history' according to ABC News and wealth in terms of intellectual property rights is being stolen in silence without companies being any the wiser. Further evidence and a good insight into the vulnerabilities is clear in a longer video (45 Mins) 'A secret war that has already cost Australia billions of dollars' (Fowler and Cronau, 2013). This video is well worth a look if you have a bit more time, but you should be interested.

References


Cyber Attack, How vulnerable is critical infrastructure to cyber attacks? (2013) Video, added by ABC News [Online]. Available at http://www.abc.net.au/catalyst/stories/3780304.htm (Accessed 20 Oct 2015).

Fowler, A. and Cronau, P. (2013) Hacked! [Online] Available at http://www.abc.net.au/4corners/stories/2013/05/27/3766576.htm (Accessed 10 Oct 2015)

Kruszelnicki, K (2011) Stuxnet the world's dirtiest digital bomb [Online] Available from http://www.abc.net.au/science/articles/2011/11/01/3353334.htm#.Ubgbw-emhQg (Accessed 20 Oct 2015).
Riley, M. and Robertson, J.(2014) ‘UglyGorilla Hack of U.S. Utility Exposes Cyberwar Threat’, Bloomberg Business, June 13 2014 [Online]. Available at http://www.bloomberg.com/news/articles/2014-06-13/uglygorilla-hack-of-u-s-utility-exposes-cyberwar-threat (Accessed 20 Oct 2015).