(Update: The FBI and the Department of Homeland Security announced that they “found no evidence of a cyber intrusion” into the Illinois utility’s SCADA system.)
Earlier this month, an Illinois water utility was the victim of a foreign cyber attack. On November 8, the water utility’s pump system was hacked by cyber criminals who used the intrusion to access the utility’s network and shut it down remotely. According to a report in the Daily Tech, “it is believed to be the first recognized foreign cyber attack on a US industrial system.”
The SCADA hack took place at a small water district west of Springfield, IL, in a community of about 2,200 customers. Although information about the software that was compromised is not being released, cyber security experts warn that this tactic could be successful across a wide variety of SCADA systems, including those used for nuclear reactors and chemical plants. Unfortunately, outdated SCADA systems litter much of our industrial and commercial landscape.
In an interview quoted in Daily Tech, Lani Kass, former senior cyber policy adviser to the US Joint Chiefs of Staff and the US Air Force, said, “Many [SCADA systems] are old and vulnerable. There are no financial incentives for the utility owners to replace and secure these systems and the costs would be high.”
How was this cyber attack achieved? The perpetrators used stolen credentials from the utility’s SCADA software company. And while the motive for this particular attack is unknown, the fear is that this is just the start—a dry run allowing cyber criminals to assess the vulnerabilities of automated industrial systems. Unfortunately, according to Dave Marcus, Director of Security for McAfee Labs, because SCADA networks lack some of the security protocols common in standard computer networks, there’s no way to know whether or not our systems have already been compromised.
In an interview in PCWorld, Marcus outlined some of the biggest concerns regarding SCADA systems and suggested some preliminary precautions that can be taken in response to this new security threat, including the following:
* Include “cyber” in all risk management.
* Set up extensive penetration testing.
* Set up extensive counter-social engineering training.
* Put a SCADA-specific CERT plan and team in place.
* Network with law enforcement at all levels.
* Expect to get attacked and take appropriate countermeasures.
So what do you think? If SCADA networks represent significant targets for terrorists or other politically motivated attacks, are we doing enough to defend our systems? If it’s difficult to determine whether or not a cyber attack has already taken place, what do we do about automated systems that may already be compromised? And if SCADA networks are an “easy target,” what other security measures are available for implementation?