Protecting critical infrastructure facilities from Cyber Attacks

Over the past decade, industrial systems have shifted rapidly from analog to digital mechanics. While this is a necessary step for modernizing systems and introducing automated processes and workflows, these changes have inherently added to cyber security risks, especially for critical urban facilities that rely heavily on IT infrastructure.
Moreover, the growing availability of trojans, viruses, malware and other hacking tools means that even smaller infrastructure sites are potential security breach points. For instance, the same tool that hackers recently used to breach Sony can be purchased online by anyone. Intrusions into critical infrastructure can cause severe service outages, leading to significant data loss and possible disruption in the supply of civic amenities, with the potential to create life-threatening situations.

Since most urban infrastructure, such as power and energy, defense and security, manufacturing, refineries and utilities, uses SCADA systems for automation, a breach in the IT network can cause significant process disruption on a large scale, with potentially disastrous consequences.

Common Cyber Attacks on Critical Infrastructures

Below are some of the most common infrastructure attacks that security personnel must be ready to face:

a. Exploitation of remote access ports used by vendors during maintenance tasks.

b. Intercepting and breaching legitimate channels which allow SCADA/ICS communication.

c. Convincing users to click on links that imitate safe sites. These links usually appear in emails and on websites, and allow attackers to access workstations through the resulting network breach.

d. Infecting external devices such as tablets, laptops and removable media, and then gaining access to workstations when these infected devices are connected to the network that hosts the SCADA systems.

e. Taking advantage of configuration errors in connected or security devices.

The attacks that make SCADA systems vulnerable to intruders are usually similar to the attacks that enterprises experience almost daily. However, with regular maintenance and periodic updates, such threats can be reduced considerably, as there are a number of cyber security solutions available today for protection.

How to protect against cyber attackers?

In response to attempted hacks on critical infrastructure over the last decade, the government has laid down stringent policies that help thwart attempts to disrupt process workflows in these plants and workstations. In addition, standards and audit mechanisms have been developed for implementing cyber security. As of now, there are 9 standards and 45 requirements in the United States, which provide critical infrastructure with comprehensive blueprints for protection against cyber threats.

These measures, if taken seriously by manufacturers, can help in implementing effective security standards for SCADA systems and infrastructures. Deploying solutions is important, but so are auditing mechanisms that monitor how these systems are working, estimate the effects and aftermath of a possible breach, and determine how to prevent one. Organizations working with sensitive infrastructure and complex automation workflows should consult experienced vendors to ease the process of implementing standards and audit procedures.

 
