The SCADA Security Troika

The SCADA Security Troika

Henry Dalziel | SCADA News and Training | May 1, 2013

Three companies have agreed a joint development agreement to promote and develop a proactive response to the SCADA threat currently facing the United States. The companies: Logos Technologies, Global Velocity and MAVERICK Technologies aim to firm up the nation’s infrastructure from Cyber Attacks.

We have extensively blogged about SCADA security and offer a SCADA training package so this news is of great significance to us here at Concise Courses.

Incidentally – if you are interested in SCADA, make sure you attend our live demo May 21st in which Marcello Branquinho (SCADA expert who is in the task group revising the ANSI/ISA-99 standard). In the demo Marcello and his team are going to show how ‘Hackers can destroy an automation plant using SCADA malware infection within a USB flash drive payload.’

For those that just stumbled on this post, Supervisory Control and Data Acquisition (SCADA) systems remotely monitor, manage and control industrial operating systems at facilities like nuclear power plants, water treatment facilities etc – clearly all vital to any nation’s security. The key point and why this is big news is that these SCADA systems, in layman terms, are weak – they were designed well before the Internet reached a level of maturity and as such are vulnerable to attack. If you need proof just think about Stuxnet and you’ll have the reason why SCADA threats are big news.

Frank Purdy from Logos Technologies sums it up well:

“In the age of cyber warfare, we must take care to safeguard our physical infrastructure from hackers, and properly securing SCADA systems requires the right mix of capabilities and experience.”

The agreement centers around being able to pool resources to secure SCADA systems with the goal of developing a ‘Cyber Sensor Integration (CSI)’ solution to help shore up SCADA defences.

Another key point about SCADA worth mentioning – which is kinda obvious but now known by all those within the information security industry is that most facilities using SCADA systems are privately owned. However, given the fact that these organizations and associated (potentially vulnerable) systems serve millions of Americans, the Department of Homeland Security is obviously paying attention.

The fact that advanced persistent threats are constant, with our recent post on the world’s biggest cyber attack only last week, all indicate that this is a serious issue that needs to be addressed today, not tomorrow.

Leave a comment or reply below...thanks!