Supervisory control and data acquisition (SCADA) networks are widely used in modern industrial organizations to monitor and analyze real-time data, control both local and remote industrial processes, interact with devices, and log data and events for auditing and other purposes. Because SCADA networks are vital to the industrial organizations that use them – and because they are comprised of hardware and software that may be subject to vulnerabilities – SCADA security is a growing need in the industrial sector.

Definition of SCADA Security

SCADA Security is broad term used to describe the protection of SCADA networks. These networks are made up of computer hardware and applications and are utilized to control and monitor vital infrastructure in nations where they are employed. Some of the systems utilizing SCADA networks include natural gas, electricity, water, and other key services.

Due to the valuable role and vulnerabilities of these networks, measures are taken by governments and private companies to ensure the safety of these systems. SCADA security is a term to describe measures taken to protect SCADA networks as well as to discuss vulnerabilities (i.e. common SCADA security problems).

Examples of SCADA Security Threats and Vulnerabilities

With the growing threat of cyber-attacks and cyber warfare, the security of certain networks is under scrutiny by those hoping to protect them. Rising cases of SCADA network attacks and attacks have caused increased discussion of the topic.

Everyone from large companies to local and federal governments are all vulnerable to these threats to SCADA security. Schneider Electric is a multinational corporation that specializes in energy management automation and SCADA networks. According to a recently reported story on DarkReading.com, Schneider was hacked, and the digital assailants gained control of the company’s emergency shutdown system and used it to target one of Schneider’s customers.

Specific types of threats to SCADA networks fall into four categories:

1. Hackers: Intentional, malicious individuals or groups that are intent on gaining access to key components in SCADA networks. These hackers could also be part of a government plan as a type of cyber warfare.
2. Malware: Malware would include viruses, spyware, and other programs not necessarily targeting SCADA networks. While they may not be specifically targeting these networks, malware still poses a threat to the operation of key infrastructure.
3. Terrorists: Hackers may want access for malicious intent, but are typically motivated by sordid gain. Terrorists are typically driven to cause as much damage as possible to critical systems of particular services.
4. Insider Error: Workers are a common cause of SCADA network issues. Either intentionally (due to internal work issues) or, more commonly, operator error. Most issues in this category are due to poor training or carelessness.

SCADA System Security Weaknesses

SCADA networks are made up of hardware, firmware, and software. Newer networks are, at least partially, controlled by applications. Each point of the network has its own form of security threats. However, hackers are targeting systems with some of the same common weaknesses.

Some of those weaknesses include:

1. Poor Training: Most employees understand the vital nature of the systems and how to operate and monitor controls. Although, many who operate SCADA systems are undertrained in preventing, monitoring, and identifying potential threats to security.
2. App Development Loopholes: Apps have become an increasing part of industrial control systems. Yet, many applications being developed lack the level of security to be expected for such vital systems.
3. Monitoring Issues: One type of monitoring is to ensure that systems are running properly. Another is to seek out potential threats to the network. In many cases, a threat is not detected until hackers have access to certain systems and have begun to exploit them.
4. Lack of Maintenance: Software becomes outdated, new application updates are created to improve the functionality or security, and bugs in the programming get fixed. If these updates are not administered quickly and properly, vulnerabilities occur.