Published on 04/09/2015 in Tech, tips & tricks
Industrial systems are critical to the world in which we live. They take many different forms and fulfil a wide range of tasks. They include power stations, hospitals, communication lines, water, transport and factories, to name but a few. They are largely dependent on technology. PLCs (Programmable Logic Controllers) run machines. SCADA (Supervisory Control And Data Acquisition) systems collect and process control-engineering signals from installations. “The big problem is that these systems were developed in the pre-internet age”, says Oded Gonda, VP Network Security Products at Check Point. “That makes them vulnerable. What’s more, they are often easier to access than we suspect.” In practice, a company’s SCADA network is very often connected to its ordinary IT network.
We now have examples of hackers who have managed to disrupt the water supply of a region or derail a train. They were often able to penetrate the system via a so-called unpatched published vulnerability: one that is publicly known but has not yet been fixed on the affected system. “The suppliers publish information about weak spots in their systems, together with the related patches”, Oded Gonda explains. “But in practice, it often takes quite a while before the company has installed these patches. That gives hackers a chance to strike.”

This is why Gonda argues in favor of having all SCADA activity within an organization monitored by an independent party. “First you define what you consider to be normal. That gives you a framework within which you can identify abnormalities and take action if necessary.” The proactive approach seems to be the best option here, too. “Waiting for the budget from the management means waiting for the first attack”, Gonda concludes.