New Threats to Utility SCADA Systems

Mission Critical Systems for the Energy Industry

Supervisory Control and Data Acquisition (SCADA) systems that collect and manage data across a large facility from a central computer, play a major role in the utility industry, helping to manage large and diverse information loads from power plants of all types. Interconnectivity has made these systems increasingly vulnerable to cyber attacks.

The Growing Vulnerability of SCADA Systems

The control systems for the electric grid used to operate in a stand-alone environment without computer or communication links to an external Information Technology (IT) infrastructure. Over the past fifteen years such stand-alone enclaves have been increasingly connected to both the corporate environment and the external world, and the utility SCADA systems are no exception. Computer and communication network interconnection brings with it the
potential for cyber attacks on these systems by adversaries. This is a critical problem since such an attack can affect several entities across the country simultaneously. Such attacks have the enhanced potential to cause a cascading negative effect to the Bulk Power System.

SCADA System Threats Are More Vulnerable Than Ever

• SCADA systems are coming in line with standard networking technologies. The current generation of SCADA systems is increasingly using open system architecture to distribute functionality across a wide-area network (WAN) for communication between the master station and communications equipment.
• SCADA systems are becoming ubiquitous. Thin clients, web portals, and web-based products are gaining popularity with most major vendors. The increased convenience of end users viewing their processes remotely introduces security considerations resulting in SCADA-based systems being vulnerable to cyber-attacks.
• The mission-critical nature of a large number of SCADA systems makes them targets of cyber-terrorist. In a worst case scenario, failure of a SCADA system could cause massive financial losses through loss of data or actual physical destruction, misuse or theft, even loss of life, either directly or indirectly.
• SCADA systems no longer have the benefit of security-through obscurity that may have existed in the past from the use of specialized protocols and proprietary interfaces. Increasingly, SCADA networks are being connected to the Internet.
• Similar to other networked technologies, SCADA networks must have physical, administrative, and technical security safeguards.
• Security and authentication in designing, deploying, and operating SCADA networks is paramount. For example, security devices such as IPS/IDS, firewalls, and other technological security measures must be deployed to help protect SCADA systems. Automated security information management solutions are also needed to help consolidate the security logs across the SCADA system wide-area network.