SCADA communication is regulated through a protocol, if the antiquity used a proprietary protocol in accordance with its SCADA manufacturers, are usually polled by other 3rd party vendor-specific networks and protocols like RS-232, RS-485, MODBUS, and DNP, and are usually done over phone lines.
There are already some established protocol standards, and connections are open 24x7 to allow full-time logging so no need to worry about compatibility issues of communication again from following attacks as below:
1. Use a Denial of Service (DoS) attack to crash the SCADA server leading to shut down condition (System Downtime and Loss of Operations)
This type of attack will destroy automatically system for example power supply equipment, controlled temperature, humidity stable environment and others important server data and makes it not work properly.2. Delete system files on the SCADA server (System Downtime and Loss of Operations)
Do you know where the fault / malfunction in the system that affect the process? This attacking (delete system file SCADA server) will make uncontrolled process that will make system produce wrong execution.3. Plant a Trojan and take complete control of system (Gain complete control of system and be able to issue any commands available to Operators)
This Trojan can damage (eg by destroying the data on the document), make computer users feel disturbed so that the SCADA control becomes inaccurate and harmful to the production process.4. Log keystrokes from Operators and obtain usernames and passwords (Preparation for future take down)
The long keystrokes programs created with the aim of being a spy. The program will collect and transmit information such as the pattern of internet usage, username and password for an account without the knowledge of the operators.5. Log any company-sensitive operational data for personal or competition usage (Loss of Corporate Competitive Advantage)
This programs created with the aim to record any sensitive operational data for personal. So that your company will loss competitive advantage.6. Change data points or deceive Operators into thinking control process is out of control and must be shut down (Downtime and Loss of Corporate Data)
This attack does not damage the computer and the software directly, but changing data will make reading error system so that can the result will not properly to a specific device.7. Modify any logged data in remote database system (Loss of Corporate Data)
The negative effects of Modify any logged data in remote database system is to multiply itself, which makes computer resources (such as memory speed) to be reduced significantly. Share files between a PC with a remote machine in a network is something that is usually done by computer network users.8. Use SCADA Server as a launching point to defame and compromise other system components within corporate network. (IP Spoofing)
Spoofing is a "technique used to gain unauthorized access to a computer or information, which an attacker associated with the user by pretending that they are falsifying the host trustworthy" it is to be performed by a hacker / cracker. It is a security exploit that works by tricking computers in a trust relationship that you are someone else.Conclusion
By knowing the various kinds of attacks against SCADA systems described above, we will cautious and understanding to prevent any attempt to gain unauthorized access to a computer. This illegal access of information, such as an attacker associated with the user by pretending that they are falsifying the host trustworthy will harmful for your system. This is usually done by a hacker / cracker.
Labels:
SCADA Articles
SCADA Articles