Thursday, September 3, 2015

4 Potential Attacks to ICS/SCADA Security




In the transportation industry, process monitor and control the delivery of essential services such as electricity, natural gas, water, sewage treatment must be controlled by an appropriate control system. Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) system is now widely applied in the process of this transport controls. The challenge there is a network security system of the ICS / SCADA cyber attacks are vulnerable.
Based on the research and survey SCADA vulnerabilities in the 2015 World Infosec conducted by Qualys Security Labs ICS / SCADA indeed there has been a decline in the number of vulnerabilities around 14% compared with the previous year. This interesting news tells about this trend has been around since 2013. But the trend remains the benchmark analysis of potential attacks on the security system of the ICS / SCADA through several methods the following components as below:

Attacks to ICS/SCADA Security

1. Acquisition

The 2014 survey data show that 1% of the total vulnerabilities ICS / SCADA are present in the data acquisition so that the process is very important. Even initial data acquisition includes sensors, meters and field devices, such as photo sensors, pressure sensors, temperature sensors and flow sensors. One application of this acquisition process in the transportation business for example road traffic sensors make modifications without adequate checks which can cause traffic to the system default for failsafe conditions, thus making the traffic lights can operate at a predetermined time.

2. Conversion

The 14% of the vulnerabilities conversion process occurs in the remote terminal unit (RTU), intelligent device electronics (IED) and programmable logic controller (PLC) that was used for automated assembly and manufacturing in the field of solar cell manufacturing, automobile assembly, control parts, and manufacturing airframe. Conversions can be done via port 4000 / TCP service debug and Ports 4001 / TCP service log enabling the configuration of the system and then delete the log records that indicate changes in the system to avoid the threat of malicious activity.

3. Communication

Communication protocols such as Modbus, DNP3, ControlNet, Profibus, ICCP, OCP most widely used in the transportation and control communication system proved to be relatively secure against all vulnerabilities ICS / SCADA. Need to consider that 21% of the vulnerabilities coming from the weak communication network. CVE-2014-5410, CVE-2014-0761, CVE-2014-2342, CVE-2013-6143 are a few examples that are compatible with the communication protocol above.

4. Presentation and Control (HMI)

Human Machine Interface (HMI) is used to monitor and react to warnings and alarms and even today most vendors ICS / SCADA has shifted or switched to Web-based HMIs. Directory traversal attacks such as buffer overflows, XSS, SQL Injection, CSRF and many web vulnerabilities to attack the vulnerability of these components prosesntase even reached about 63%.

Conclusion

Security problems in the system of the ICS / SCADA is so complex that it took the integration of networks connected there. However, the basic security systems such as access control and access roles, patch, remove the debug services or even check if your system is inadvertently exposed to the Internet can help you do the early detection of vulnerabilities occur.


Labels:


Newer Post Older Post Home

You may also like these ebook:

Get Free PLC eBook directly sent to your email,
and email subscription to program-plc.blogspot.com




We hate SPAM. Your information is never sold or shared with anyone.

Your Email Will Be 100% Secured !