Over the past few weeks a number of events took place that led to what is referred to as an "Ah ha!" moment, and that is what this week's blog will address.
News about cyber attacks on industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems abounds. This was a topic covered at the recent BlackHat conferences in the U.S. and Europe.
With that in mind, it was surprising to find out that many CIOs, CISOs and their staff are totally unaware of SCADA security issues and the growing cyber threats that target these control systems. Many believe their organizations do not have any ICS/SCADA systems. They may be shocked to find out that they actually do!
A large percentage of buildings or data centers have HVAC, water filtration units and other common systems that use ICS/SCADA controllers. They may be even more surprised to find out that in many cases, the ICS/SCADA devices are connected to their networks. Even more surprising is the fact that many of the ICS/SCADA devices are equipped with RS422/RS485 modules for longer-distance wireless communications that could extend out as far as 1,000 meters. Yes, that is over a half mile!
If that picture is not bothersome enough, some of these systems have built-in cellular modems so they can be remotely updated or so technicians can troubleshoot them. I had to inquire and find out if those devices had firewalls, anti-virus protection or other cybersecurity protection, and found out the answer is "yeah, right!"
So here is the news flash: ICS/SCADA controllers are commonly connected to corporate networks and are another area of risk that has fallen through the cracks. These systems are much more common than most believe and must be protected against the growing number of cyber attacks on such devices that could make them a path into your corporate networks.
Now consider that last year it was reported that Chinese attackers breached systems and stole data from a global provider of SCADA systems. You have to wonder, how many ICS/SCADA systems are connected to your networks and what are your risks?