SCADA systems adoption is growing at an annual growth rate of 6.6%. It is, therefore, essential for organisations to understand potential SCADA cybersecurity threats, as well as the best practices to implement to their business. Which is why we at ELEKS have compiled a guide on threats to recognise, and the SCADA cybersecurity best practices to implement.

Supervisory Control and Data Acquisition (SCADA) is a system of software and hardware elements allowing industrial organisations to gather and monitor real-time data. SCADA can also control industrial processes (locally or remotely), record events into a log file and directly network with devices like valves, motors, pumps, and sensors. SCADA systems often manage Industrial Control Systems (ICS).

Industrial Control Systems (ICS) are typically used in such industries as electric power, water and wastewater, oil and natural gas, transportation, chemical, pharmaceutical, pulp and paper, food and beverage, and discrete manufacturing (e.g., automotive, aerospace, and durable goods). SCADA systems are often found in the industrial control sectors and are generally applied to manage dispersed assets using centralised data acquisition and supervisory control.

SCADA provides revolutionary data for organisations. For instance, a SCADA system can quickly notify an operator if a batch or product is showing an unusually high number of errors. This notification of an error allows the operator to resolve the issues and prevent further problems and loss of the product. Such SCADA systems are essential for industrial organisations. They help maintain efficiency, communicate system issues so that it can help alleviate downtime, and the real-time data it produces can be used to formulate smarter decisions.

Industry Control Systems have become widely used in the manufacturing industry, and Transparency Market Research predicts the global ICS market will grow from $58 billion in 2014 to a huge $81 billion by 2021. In the same vein, SCADA systems are growing at an annual growth rate of 6.6%.

Due to this increase in demand and use of SCADA and ICS, it is crucial to have the best SCADA cyber security measures in place, especially since a large number of government agencies and organisations have encountered significant security challenges. Such issues include providing new technologies and partners with a high level of access into an organisation’s systems, introducing the potential for outside hackers who can infiltrate their control systems.

SCADA cyber security threats and weaknesses

The data clearly shows that industrial control systems continue to be soft targets for adversaries. According to CyberX 2019 Global ICS & IIoT Risk Report:

40% of industrial sites have at least one direct connection to the public internet

53% of sites have obsolete Windows systems such as Windows XP

69% of sites have plain-text passwords traversing their ICS networks

57% of sites aren’t running anti-virus protections that update signatures automatically

16% of sites have at least one Wireless Access Point

84% of industrial sites have at least one remotely accessible device

NIST Special Publication 800-82 Guide to Industrial Control Systems (ICS) Security states that possible incidents an ICS may face include the following:

Blocked or delayed flow of information through ICS networks, which could disrupt ICS operation.

Unauthorised changes to instructions, commands, or alarm thresholds, which could damage, disable, or shut down equipment, create environmental impacts, and endanger human life.

Unauthorised changes to instructions, commands, or alarm thresholds, which could damage, disable, or shut down equipment, create environmental impacts, and endanger human life. Inaccurate information sent to system operators, either to disguise unauthorised changes or to cause the operators to initiate inappropriate actions, which could have various adverse effects.

ICS software or configuration settings modified, or ICS software infected with malware, which could have multiple negative effects.

Interference with the operation of equipment protection systems, which could endanger costly and difficult-to-replace equipment.

Interference with the operation of safety systems, which could endanger human life.

Control systems can face threats from numerous sources, including hostile governments, terrorist groups, disgruntled employees, malicious intruders, accidents and natural disasters as well as malicious or accidental actions coming from insiders. It’s crucial for businesses to keep the following threats and vulnerabilities in mind: