Veracity | SCADA Security

SCADA systems often have a life span of decades, which means whatever original security measures they have been developed with are long out of date. It is important to your overall IT security that, as SCADA systems become integrated with modern technology and internet access, the threat to these systems is immediately assessed and patched.


                            BENEFITS OF SCADA SECURITY 


Protect Your Business From Disruption:

SCADA systems are mission-critical in many businesses, which means if they are compromised, operations must shut down while the issue is resolved and security measures are taken, creating delays, loss of revenue, and large expenses to fix the system.


Protect Your Reputation:

Incidents involving critical infrastructure attract significant attention from the media due to the impact these services have on our everyday lives. An exploitation of your SCADA system, even if not critical, can result in serious damage to your reputation and negative impacts on operational and business viability.


Reduce Risk:

Vulnerabilities in SCADA systems can lead to dangerous exploitation that causes physical damage to infrastructure and harm to personnel. Reduce your risk and improve regulatory compliance by ensuring you are providing a safe and secure environment for your employees and stakeholder groups.


                                      OUR SCADA SPECIALISTS 


Our team of dedicated SCADA security experts follows a meticulous procedure with a strong track record, so that nothing is overlooked when performing your SCADA security tests. Our proven methodologies for conducting penetration tests and vulnerability assessments on SCADA systems ensure clients achieve compliance with regulatory frameworks and standards such as ICS-CERT, DoE (Department of Energy), DHS (Department of Homeland Security), NIST SP 800-82 Rev 1, NIST SP 800-53 Rev 4, TR99.00.02, ENISA guidelines for ICS systems, the National ICS Security Standard, Qatar, etc.


One-of-a-Kind Protection:

Our SCADA team will use AuditPro (our in-house developed auditing tool), as well as Nmap, Nessus, SuperScan, etc., to guarantee your assessment will be conducted using the best tools on the market.


                                          SCADA ANALYSIS 


How We Perform a SCADA Analysis:

At Cybernetic Global Intelligence, we have a rigorous and proven methodology to help ensure our clients are getting the absolute best testing available on the market.


1. Follow the National Institute of Standards and Technology (NIST), the Department of Energy (DoE), and the Department of Homeland Security (DHS) security guidelines for industrial control systems (ICS) risk assessment.


2. Review existing policies and procedures and assist in developing a new policy and procedure as per the global best practices for ICS.


3. Conduct a site survey through an onsite visit. This will help us understand how the ICS is being utilised.


4. Perform a network diagram review during the site visit.


5. Perform a risk-based assessment, which will combine automated and manual assessment as ICS components are prone to crashes.


6. Report immediately to the stakeholders about any critical issues found during the assessment process.


7. After the assessment, we will submit a detailed report to the management for their input.


8. Once approved by management, we will release the final report.


The Veracity programme delves into many of SCADA’s security vulnerabilities, of which one is human error. Inadvertent mistakes, disgruntled employees, laptops with viruses, and other human-related conditions all present a major threat to the safe and secure operation of a SCADA system. An example of this occurred in January 2014. A disgruntled employee in Maryland hacked into a SCADA-controlled sewage treatment plant and released millions of gallons of raw sewage into the ocean. The employee was apprehended by the authorities, but the environmental damage had been done.

Another security vulnerability in SCADA systems is inadvertent connections to the internet. “SCADA systems may not be directly connected to the internet, but they are almost always connected to an internal network that has direct internet access.” (scmagazine)

Furthermore, in the past, certain sensors and monitoring devices communicated using their own specific programming language. Currently, these sensors are increasingly using the TCP/IP language. This allows sensors to communicate with Windows-powered machines that engineers are using to monitor and control systems. Almost all modern SCADA systems are not closed systems, and at some point there is a connection to a corporate network or other third party, which increases their exposure to attacks from external sources.


    
        COMMON THREAT AGENTS FOR THESE ICS SYSTEMS ARE:


Attackers
Bot-network operators.
Criminal groups.
Malicious Insiders.
Spyware/malware authors.
Terrorists
Industrial/State sponsored spies.


                            CHALLENGES AND THREATS TO ICS SYSTEMS 


The concept of manufacturing and control systems (ICS) electronic security is applied in all types of plants, facilities, and systems in all industries. Manufacturing and control systems include, but are not limited to: 



01 Vulnerabilities in ICS systems 

The vulnerabilities can be classified into broadly three groups:

1. Policy and Procedure Vulnerabilities

2. Platform Vulnerabilities

3. Network Vulnerabilities

02 Policy and Procedure Vulnerabilities

These vulnerabilities are introduced into the ICS due to incomplete, inappropriate, or non-existent security documentation, including policies and procedures.

03 Platform Vulnerabilities

These vulnerabilities can occur due to flaws, misconfigurations, or poor maintenance of hardware, operating systems, and ICS applications.

04 Network Vulnerabilities

These vulnerabilities in ICS may result from flaws, misconfiguration, or poor administration of ICS networks and their connections with other networks.

05 Post exploitation

Once an in-scope machine has been compromised, pivoting and lateral movement techniques will be exercised. This practice is often employed to fully explore and demonstrate the true risk of a vulnerability by emulating the ‘snowball’ effect of stacked vulnerabilities.

06 How can Irisk help you?

Our team of experts follows a step-by-step procedure to do a thorough security assessment of your mission-critical SCADA systems to find out how vulnerable they are to external attacks by malicious users and how compliant they are with security standards such as ICS-CERT, DoE (Department of Energy), DHS (Department of Homeland Security), NIST SP 800-82 Rev 1, NIST SP 800-53 Rev 4, TR99.00.02, ENISA guidelines for ICS systems, the National ICS Security Standard, Qatar, etc. We use tools such as Nmap, Nessus, SuperScan, etc. for security assessment.

            IRISK METHODOLOGY FOR ICS SYSTEMS 


As per the criticality of the ICS, here is a brief snapshot of the Irisk Methodology:


1. Veracity follows ISA 99/IEC 62443 Standard, NIST, DoE, and DHS security guidelines for ICS risk assessment.

2. Veracity will review existing policies and procedures; otherwise, it will assist in developing new policies and procedures as per the global best practices for ICS.

3. Veracity will start the project with a site survey, which will include an onsite visit to the PDC and PMU sites on a sample basis. This will help us understand how ICS are being utilised.

4. Veracity will analyse the network diagram on site.

5. Veracity will perform risk-based penetration testing and vulnerability assessment, which will combine automated and manual assessment as ICS components are prone to crashes.

6. Veracity will report immediately to the stakeholders about any critical issue found during the assessment process.

7. Post-assessment, Veracity will submit the drafted report to management for their input.

8. Once approved by management, Irisk will release the final report.



                WHAT ARE THE TAKEAWAYS?


After the security assessment tests, our results will help you determine these core points:


1. The importance of system and configuration hardening for mission-critical SCADA systems


2. You will come to know these complex machines better and secure them accordingly.


3. You can be sure that your SCADA system is actually isolated.


SCADA systems make attractive targets for attackers who want to tamper with mission-critical systems, for example by making the atomic energy uranium enrichment process unstable by planting a Trojan that suppresses the warning alarm system. With advanced persistent threats (APTs) like Stuxnet looming, this should be a major security concern for every organisation with SCADA infrastructure. A thorough security assessment of such a SCADA system is the need of the hour, and it must be taken seriously.


