Supervisory Control and Data Acquisition (SCADA) system sounds too technical and leaves you guessing what exactly it is. I am sure we are going to hear this term more often in the future as cyber attackers unleash their weaponry in a virtual war in the event that a real war takes place between the UN Security Council members (the veto club). Anyhow, coming back to the definition, purpose and common vulnerabilities related to it:
Definition: SCADA is a system that operates with coded signals over communication channels so as to provide control of remote equipment. Here the remote equipment could technically be any machine, which could also be part of a public infrastructure. As the working population dwindles in many developed countries, more SCADA systems are going to be deployed.
Just to give you a picture: until a few decades ago there used to be a human who controlled the flow of traffic on the roads of our cities. Then we gradually replaced that human with traffic lights, which operate 24 hours a day without requiring much human intervention at all. Now imagine the activities which could well be handed over to systems (for some reason I am not calling them robots) that can take over where human presence was considered necessary: engineers working in hydroelectric power stations monitoring the machines, train drivers who take charge of the engine and coaches and bring them to maintenance stations. At the same time there are many infrastructure services which are now fully automated, like the running of mass rapid tube trains in our cities without any drivers.
Though the above activities seem to be under control or not too critical, as we start handing these activities over to systems there is a risk of bad guys hijacking or disrupting the entire infrastructure platform.
SCADA systems are used to distribute water supply and to run oil/gas pipelines, electrical systems and rail systems: large, complex and geographically dispersed infrastructure systems which can be operated by a very small number of people in a control center. But what may scare you is the fact that most SCADA field devices are highly insecure, because encryption, authentication and other security measures were not designed into the devices. This could be part of a herd-mentality-based blindness in focusing only on the security of critical and sensitive information. However, bad guys have always been at least two laps ahead of the good guys, and I feel that they could potentially exploit these insecurities by inserting false commands and responses, modifying legitimate communications, or altering field device behavior.
A few of the common vulnerabilities in SCADA field devices include:
- TCP/IP addressability
- Weak or non-existent authentication
- Remote configuration capabilities and modem access
- Unencrypted communication with SCADA MTU
- Lack of configuration backups
- Embedded web servers
- Default OS security configurations
- Uncollected and unexamined system logs