SCADA networks are a vital piece of modern industrial automation designs. They control everything from air conditioning in a building to load distribution in the electric grid, manufacturing speed on a car assembly line or, more ominously, the height of the uranium rods in a nuclear plant.
SCADA stands for “supervisory control and data acquisition” and, like all industrial terms, carries an aura of black magic – systems that run non-IP protocols over slow links with demanding recovery times and are fed by DC power. A field for proprietary protocols, strange-looking switches and ‘no touch’ stickers all around, you might think. Not anymore.
SCADA networks today run Ethernet and IP, use modified versions of spanning tree or RPR technologies and vanilla or slightly modified versions of common operating systems like Windows.
Windows, you said? Although we are not here to discuss the security of the OS or the source of its vulnerabilities, the fact is that, for whatever reason, they exist. Add to this the fact that it is estimated today that the only Internet-detached networks in the world are the U.S. and Russian nuclear launch chains, and there is a big need for security in industrial control networks.
These nuclear systems share many qualities with enterprise-grade networks, including operating systems, common protocols and risks. And the damage from a security breach is greater from a strategic point of view, because an attack not only affects the typical enterprise operations, but can also have a ripple effect on utilities like electricity generation and distribution, transportation systems, water – almost anything that makes our lives comfortable.
Although there are plenty of examples of these types of attacks, they don’t receive the attention that massive virus outbreaks do, yet they are much more relevant. The most recent happened this year and affected Iranian nuclear facilities.
The outbreak shows the potential of highly focused individuals when attacking lightly defended networks. SCADA has received little to no attention in the last few years, as mainstream security vendors have focused on enterprise markets. But the potential for industrial markets to improve their security practices is proportional to the risk of affecting revenues or lives.