SCADA Basics: Cybersecurity

In December 2016, nearly a fifth of Kiev, Ukraine was thrown into darkness due to a power outage. Power was back in an hour, and disaster was averted. Or so it seemed. Over the next few months, researchers discovered that malware had attacked the system’s SCADA network and overloaded it, shutting the system down. This set off alarm bells worldwide: malware has come to physical infrastructure systems. (Sources: Wired, Reuters)

In our SCADA Basics series, we’ve learned about the different components of a SCADA system, investigated the reasons you’d use cellular or radio telemetry, and laid out the groundwork for troubleshooting a broken system. Not all dangers to your SCADA system are physical, however. With the rapid rise of ransomware and related cyber threats, making sure your system is ready to handle cybersecurity attacks is crucial. In the final installment of our SCADA Basics series, we’re going to look at how to keep your operations safe from cyber attacks.

Let’s be honest: cyber attacks feel like a vague threat. You may be thinking, “Sure, it’s important, but I’ve got too much work to think about it right now; soon though,” or “I wouldn’t even know where to start,” or maybe even “Why would they care about us?” Here’s the thing: if a cyber attack hits, there will be literally nothing more important to your operations than dealing with it. If you’re lucky (and prepared), the attack will be a simple ransomware attack, you’ll restore from your off-network backups, and the damage will be minimal. Unfortunately, most people aren’t prepared. We learned this lesson the hard way a few years ago. Worse, these attacks are increasingly able to target production assets, holding your operations hostage and threatening to destroy your machines unless you pay up.

The bottom line is that, in all likelihood, you’ll have to deal with malware. This leaves you with a decision: do you want to proactively prevent the attack from occurring, or wait and then try to put the pieces back together again? After Revere was attacked, we decided to take steps to ensure it never happened again. So what can you do about this threat? We’re not going to go in-depth here, but rather provide you with resources to tackle this issue. If you’re not sure whether you’re protected, odds are you’re not, and these resources can help you identify weaknesses. Most importantly, though, if you have questions, reach out to us and let’s talk. You work hard to keep your SCADA and control systems online and working. Prevent the headache and cost before it occurs.

21 Steps to Improve Cyber Security of SCADA Networks – US Department of Energy

7 Steps to Gird for Ransomware Battle – Revere Control Systems

US Policy Response to Cyber Attack on SCADA Systems Supporting Critical National Infrastructure – Air Force Research Institute