Securing SCADA Systems: Where Do We Start?
Jun 23, 2011 5:00 AM PT
Many leading industrial and governmental network infrastructures employ supervisory control and data acquisition (SCADA) and distributed control systems (DCS) to automate, monitor and control crucial physical processes, including manufacturing and testing, electrical transmission, water and fuel transport, and traffic signal operation.
Because of their crucial importance and prominence in the field, SCADA systems have increasingly been the target of criminal and terrorist activities intended to disrupt and deny services. Critical failures can disrupt crucial production and endanger public safety.
Unfortunately, many organizations have been slow to recognize potential vulnerabilities from unauthorized access and malware threats. Partially as a result of this unpreparedness, malicious attacks on SCADA systems worldwide are on the rise, including variants of the Stuxnet virus, Modbus TCP Illegal packet size, CitectSCADA Buffer overflow attempts, ActiveX SetActiveXguid method invocations and SCPC Initialize BO attempts.
Map Out a Plan
What steps should you take to protect your SCADA systems? While certain organizations may have unique requirements (e.g., in meeting criteria mandated by the U.S. Departments of Defense, Energy, or Homeland Security), a comprehensive approach typically involves defining purpose and scope, determining corresponding objectives, and planning the steps and resources required to attain them before subsequently executing a plan into action.
Once in place, countermeasures should be routinely audited to confirm effectiveness, and evaluated to determine any need for improvement.
The following 10 steps offer a high-level guideline for meeting these goals using readily available methods and technologies.
1. Know Your SCADA Systems
Document the network infrastructure, components, applications, data stores and connections that are critical to your SCADA system. Perform a baseline analysis for ongoing risk management, and set corresponding security requirements.
Establish and communicate security roles, responsibilities and authorization levels for IT, management, staff, and third-party stakeholders.
2. Lock DownYour Perimeter
Disconnect any unnecessary or unauthorized network paths to your SCADA systems, including unsecured disk drives, USB ports, wireless connections, or links to third-party extranets (e.g., suppliers, contractors, outsourcers, etc.).
Implement firewalls to establish a demilitarized zone (DMZ), isolating your SCADA systems on protected segments separated from the rest of the network, with no direct connections or potential backdoors to other avenues of attack.
3. Update Your Defenses
Implement defense-in-depth security solutions such as Unified Threat Management (UTM) and Next-Generation Firewalls, which protect against single-point-of-failure breaches.
Effective solutions feature multiprong defenses, including intrusion prevention, antimalware, content filtering, and application-intelligent firewalling. Ensure your security services are continually updated with the latest up-to-the-minute signatures and patches.
4. Enforce Access Controls
Criminals cannot damage or take control of your SCADA systems unless they can reach them. You must design and implement rules for access control and sharing of data, applications and resources. You must also define, implement and monitor all external secure access connections needed for business users, remote maintenance, third parties, etc.
Establish policy-based access criteria, limiting access privileges to a minimum. Keep an up-to-date list of access accounts, periodically check logs, and renew all access credentials with enhanced access control where necessary. Enforce granular access authentication at the gateway (e.g., Advanced Encryption Standard authentication), to counter unauthorized backdoor attacks.
5. Secure Your Remote Access
The exponential growth of mobile, wireless and widely distributed networks presents a vastly greater potential for unauthorized remote access.
Secure all remote access over virtual private networks using point-to-point IPSec or clientless SSL technology.
6. Harden SCADA Features
Certain automated SCADA features (e.g., remote maintenance) can potentially undermine security by creating vulnerabilities for unauthorized access or intrusion attacks.
Work with your SCADA vendors to find out which of these can be disabled without violating support agreements, interrupting service or causing downtime.
7. Monitor and Log Incidents
Implement monitoring and logging systems for all SCADA-critical applications, infrastructure, etc. By recording incidents and assessing alerts on the status of the system, you can take proactive measures to prevent attacks and avoid interruptions in service.
Solutions are currently available that can display all network traffic (including SCADA applications) in real time, enabling a faster response to emerging threats.
8. Establish Change Control and Configuration Management
Network configurations and system, firewalls, access, applications and procedures can change over time. Any change can impact other components and connections.
Manage the configuration with all changes documented and back-up date to limit disruption and delays in case of restarts. There are applications available to control even complex networked systems.
9. Conduct Routine Audits
Perform a complete system check every six to 12 months. Periodically check the event log for incidents to confirm technological safeguards (firewalls, network components and systems), documentation, procedures and appropriate access are maintained.
Regularly assess audit results and apply them to strategically correcting and improving your security.
10. Prepare for Recovery
As a high-profile target, SCADA systems must be backed up and prepared for rapid recovery should an attack take them offline. Develop contingency procedures to ensure business continuity and disaster recovery for SCADA-critical systems.
Comprehensive solutions include automatic offsite backup, continuous data protection and bare metal recovery to alternate equipment.
Stay on Target
These guidelines offer a straightforward, yet comprehensive approach to securing your SCADA systems. By diligently adhering to these steps, your organization can make a significant impact on whether your SCADA and DCS systems are effectively defended against potential attacks.