SCADA technology quietly operates in the background of critical utility and industrial facilities nationwide. This important tool efficiently manages utility assets, refineries and other critical industrial segments, but protecting SCADA networks from cyber attacks, hackers and even physical assault is becoming a test of will, cleverness and determination. Cybersecurity for SCADA Systems provides a high-level overview of this unique technology, with an explanation of each market segment. Readers will understand the vital issues, and learn strategies for decreasing or eliminating system vulnerabilities.
Benefits for readers: Functional breakdown and explanation of the typical features, capabilities, and components of a SCADA system; IT and cybersecurity technology and terminology overview and explanation; Industry-specific as well as generalized discussion of SCADA vulnerabilities and available remediation strategies; and Discussion of physical and electronic security issues and strategies
Suitable for the non-technical management level personnel as well as IT personnel without SCADA experience
Terrorist groups are currently using information and communication technologies to orchestrate their conventional attacks. More recently, terrorists have been developing a new form of cyber-capability to coordinate cyber attacks. This book explores the possibility that cyber-terrorists may have developed or may have future capabilities to attack critical infrastructure by accessing Supervisory Control and Data Acquisition (SCADA) systems within Australia and throughout the world. The book characterises the Australian security and terrorism environment and discusses the vulnerability of Australian computer systems and control systems. It also discusses the cyber-capability of various terrorist groups, SCADA risk evaluation methods and presents a framework to measure and protect SCADA systems from the threat of cyber-terrorism within Australia. This framework forms the main basis of this research and is examined by three focus group interviews, signifying the need for new counter-terrorism security models to assist with assessing new cyber security threats such as cyber-terrorism. This contribution is of great value to the SCADA community and organisations.
This digital document is an article from National Defense, published by National Defense Industrial Association on December 1, 2009. The length of the article is 2442 words. The page length shown above is based on a typical 300-word page. The article is delivered in HTML format and is available immediately after purchase. You can view it with any web browser.
Citation Details Title: The unseen cyber-war: national-security infrastructure faces relentless cyberespionage campaign.(Cover story) Author: Austin Wright Publication:National Defense (Magazine/Journal) Date: December 1, 2009 Publisher: National Defense Industrial Association Volume: 94 Issue: 673 Page: 28(5)
Modern industrial facilities, such as oil refineries, chemical factories, electric power generation plants, etc. are large, complex, distributed systems. These systems are monitored and controlled by networks of special purpose embedded computing devices such as sensors, actuators, and PLCs. These industrial control networks are commonly called SCADA (Supervisory Control and Data Acquisition) networks. The increasing interconnectivity of SCADA networks has exposed them to a wide range of network security problems. One of the important issues in securing SCADA networks is to identify vulnerabilities in the communication protocols. This book analyses existing qualitative security assessment guidelines, specifically attack and vulnerability taxonomies, and proposes a new framework for organizing information about known attacks and vulnerabilities to find unknown or similar vulnerabilities in new systems. This framework is used to organize information related to known vulnerabilities in SCADA protocols into a taxonomy that provides a systematic methodology for the security assessment of other SCADA protocols.
This report discusses the vulnerability of the nation’s information infrastructure to external attacks and other kinds of disruptions. It assesses the extent of the data available for measuring this threat and concludes that energy supplies, telecommunications, and computer-based systems should be of first priority for attention and remedial action. Finally, it suggests steps to reduce national vulnerability. The information security posture in both government and the private sector needs immediate examination and attention. Analytic studies should be performed to establish such infrastructure features as sources of resilience and the characterization of normalcy, and to specify R&D requirements. In addition, the nation should establish a warning mechanism and a supporting coordination center.