SCADA systems and their vulnerabilities

If anything goes wrong with them, the consequences can be severe and can affect thousands upon thousands of people.

This is exactly the reason why their vulnerabilities represent such a big concern. 

But before we continue with vulnerabilities, let us look at SCADA itself.

What is a SCADA system?

SCADA, or supervisory control and data acquisition, was created to provide high-level supervisory management using not only computers and graphical user interfaces but also programmable logic controllers and discrete PID controllers within a plant.

It was deliberately created to be open and easily operated, so that it could be easily repaired as well.

This "openness" of SCADA systems is precisely the reason why they now experience so many vulnerabilities.

More SCADA systems are connected to the Internet now than ever before. They are vulnerable to common cyber attacks, which allow attackers to take over advanced production systems running SCADA.

To present this more clearly, let us look at your house thermostat.

Your thermostat is something that you have control over, and it is not easily accessible to anyone who wants to tamper with it, i.e. you keep your door locked.

Let’s now assume that you added a wireless element to your thermostat so that you could control it using your computer, which is quite convenient as it allows you to control your thermostat not only when you are at home but when you are, let’s say, at work. 

Adding this wireless element to an otherwise offline system has exposed your thermostat to all sorts of attacks.

Namely, as it is wireless, there is a chance for someone else to take control over your thermostat, turning the heat off when you least expect it, or when you are not at home, so that you end up with frozen pipes in the middle of winter and with a huge bill from a plumber. 

All they need is a laptop and your network address.

This is precisely what happened to a nuclear power plant in Ohio, when its private network was attacked by a server worm, disabling its safety monitoring system for about 5 hours. It also happened to the German and Austrian power grids, which almost broke down when a stray piece of code started replicating itself throughout the system. Luckily, the problem was settled without power outages.

The cyber intelligence company IntelCrawler has shown just how vulnerable SCADA systems are in a study that concentrated especially on VSATs, that is, very small aperture terminals, which most SCADA systems have.

The study showed just how easy it is for a cyber criminal to target these open VSATs and, through them, the entire SCADA system.

Let's now look at some of the vulnerabilities that SCADA systems have.

Common SCADA System Vulnerabilities

The main reason why SCADA systems are so prone to vulnerabilities is a lack of monitoring.

As most SCADA systems lack an active network system, they often fail to detect suspicious activities or to provide a proper reaction when a cyber attack does happen.

The next reason lies in the slow updates that most SCADA systems experience.

As systems become more and more advanced, they develop more vulnerabilities. In order to keep everything under control, consistent updates of both hardware and software need to be conducted, which can be inconvenient, especially when there is no proper system in place. This is why updates are often overlooked.

On the other hand, there is often a lack of knowledge about devices that are connected to SCADA systems. As SCADA systems usually develop over a period of time, it isn't uncommon to find technology that is five years old paired with technology that is fifteen years old.

This shows a lack of knowledge about devices that can be paired with SCADA systems, as it is assumed that all devices have equal reporting capabilities.

Often the reason for vulnerability can be found in managers, who simply do not understand the type of traffic that goes through their networks, or, more precisely, they lack the advanced data analysis that would provide enough information for them to react promptly and effectively to potential threats.

The last reason for SCADA vulnerabilities can be found in authentication holes: authentication, though designed to keep SCADA systems safe from unauthorized access, is often defeated, either because of poor passwords, weak authentication or sharing of the username.
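
The causes listed above can each be checked against a device inventory. The following Python audit is an added example, not part of the original article; the device names, field names and the one-year patch threshold are constructed assumptions.

```python
from datetime import date

# Constructed sample inventory (hypothetical devices, not from the article).
INVENTORY = [
    {"name": "plc-pump-01", "installed": 2009, "last_patch": date(2015, 3, 1),
     "sends_logs": False, "default_password": True,
     "accounts": {"operator": ["alice", "bob", "carol"]}},
    {"name": "hmi-control-02", "installed": 2019, "last_patch": date(2023, 11, 20),
     "sends_logs": True, "default_password": False,
     "accounts": {"alice": ["alice"], "bob": ["bob"]}},
    {"name": "rtu-valve-07", "installed": 2014, "last_patch": date(2023, 9, 5),
     "sends_logs": False, "default_password": False,
     "accounts": {"admin": ["dave"]}},
]

MAX_PATCH_AGE_DAYS = 365  # assumed policy threshold, not from the article


def audit_device(dev, today):
    """Return findings for one device, one label per cause named in the article."""
    findings = []
    # Lack of monitoring: the device cannot report events, so attacks go unseen.
    if not dev["sends_logs"]:
        findings.append("no-monitoring")
    # Slow updates: last patch is older than the assumed policy allows.
    if (today - dev["last_patch"]).days > MAX_PATCH_AGE_DAYS:
        findings.append("stale-updates")
    # Authentication holes: one username used by several different people.
    if any(len(set(people)) > 1 for people in dev["accounts"].values()):
        findings.append("shared-username")
    # Authentication holes: vendor default password still in place.
    if dev["default_password"]:
        findings.append("poor-password")
    return findings


def audit(inventory, today):
    """Audit every device and report how far apart the equipment generations are."""
    report = {d["name"]: audit_device(d, today) for d in inventory}
    ages = [today.year - d["installed"] for d in inventory]
    # Mixed generations: do not assume equal reporting capabilities across them.
    report["_age_spread_years"] = max(ages) - min(ages)
    return report


if __name__ == "__main__":
    for name, result in audit(INVENTORY, date(2024, 6, 1)).items():
        print(name, result)
```
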