By Gregory Hale
There is no denying SCADA systems will remain in attacker’s cross hairs in the future.
Just take a look at the different entities hitting the systems: Attackers are getting more sophisticated and foreign government want to capture as much information as they can.
“We live in a world that is more connected, but the underlying technology is not secure,” said Jonathan Pollet, founder of Red Tiger Security Tuesday during his “Hacking SCADA systems: 2011 in Review” at ABB Automation & Power World in Houston.
Attacks over the years have evolved to the point where they target specific people or companies where the potential victims don’t stand a chance if they remain unprotected. Through the use of social media, networking and social engineering, the bad guys can gain as much needed information before they the start the attack, Pollet said.
Then when the attack starts, it may appear the victim is getting an email from a friend or relative, but instead it is a file loaded with malware that can then attack your system. These phishing attacks are very effective.
When it comes to social engineering, “You can’t always take anything at face value,” Pollet said.
SCADA systems used to consist of pushing buttons, but the new systems are running on the same operating system as corporate desktops, Pollet said. With the advantages picked up with the new systems, there are also some disadvantages like the idea of patches coming out to fill holes in software.
“We have to come to grips where we have a patch environment living in a world where patches are not friendly,” Pollet said. SCADA technology has come a long way, but the industry still has the old world way of doing things.
“SCADA and industrial control systems (ICS) products do not go through the same rigorous security lifecycle process as enterprise systems,” Pollet said. “SCADA lags the IT world by 5-10 years. So we are just seeing vendors nowmaking plans to test products for security flaws.”
To prove how simple it is to hack into systems, Pollet showed three videos of how quick and easy it was to get into a system. Within three minutes he was able to get in.
On top of the problems with SCADA systems, Pollet also said foreign governments are on the attack and trying to pilfer as much information as possible.
“Nation states establish a covert presence on a network in order to obtain sensitive information,” Pollet said. “Foreign governments are very interested in obtaining cyber security advantages.”
There are ways to ensure manufacturers can maintain a safe defense and part of it includes training personnel to understand what an attack looks like so they can ward off the bad guys.
“The best defense always understands the offense,” Pollet said. “This is a reality we live in, some of the things can be daunting, but if we don’t understand it, we can’t solve it.”