Attacks on critical infrastructure are increasingly sophisticated and potentially catastrophic.
What’s Important
- SCADA infrastructure control networks are high profile targets for cyber-criminals.
- The essential role of national infrastructure demands the best encryption security – i.e. high-assurance encryption.
- There are more vulnerabilities in SCADA networks than meet the eye.
All it takes is one deliberate and successful attack on a country’s critical infrastructure for cyber-crime to become cyber-terrorism.
Even the best defence of infrastructure control systems (SCADA networks) may not be effective at preventing a catastrophic network breach.
Only through the use of dedicated, high-assurance network data encryption can you ensure that unauthorised access or rogue data inputs are ineffective.
A recent WIRED article takes a look “Inside the Cunning, Unprecedented Hack of Ukraine’s Power Grid”.
Wired Article
It was 3:30 p.m. last December 23, and residents of the Ivano-Frankivsk region of Western Ukraine were preparing to end their workday and head home through the cold winter streets. Inside the Prykarpattyaoblenergo control centre, which distributes power to the region’s residents, operators too were nearing the end of their shift. But just as one worker was organizing papers at his desk that day, the cursor on his computer suddenly skittered across the screen of its own accord.
He watched as it navigated purposefully toward buttons controlling the circuit breakers at a substation in the region and then clicked on a box to open the breakers and take the substation offline. A dialogue window popped up on screen asking to confirm the action, and the operator stared dumbfounded as the cursor glided to the box and clicked to affirm. Somewhere in a region outside the city he knew that thousands of residents had just lost their lights and heaters.
The operator grabbed his mouse and tried desperately to seize control of the cursor, but it was unresponsive. Then as the cursor moved in the direction of another breaker, the machine suddenly logged him out of the control panel. Although he tried frantically to log back in, the attackers had changed his password preventing him from gaining re-entry. All he could do was stare helplessly at his screen while the ghosts in the machine clicked open one breaker after another, eventually taking about 30 substations offline. The attackers didn’t stop there, however. They also struck two other power distribution centers at the same time, nearly doubling the number of substations taken offline and leaving more than 230,000 residents in the dark. And as if that weren’t enough, they also disabled backup power supplies to two of the three distribution centers, leaving operators themselves stumbling in the dark.
Read the original article in full.
As with all data networks (including fibre or copper), industrial control systems and SCADA networks are not inherently secure.
The threat landscape includes more than just data theft, privacy, and loss of intellectual property. It extends to the networks over which our critical infrastructure and industrial assets are controlled.
Industrial and infrastructure control system networks have become major targets for cyber-criminals and cyber-terrorists alike.
By taking control of these systems or inputting rogue data, hackers may cause significant financial damage, large-scale public inconvenience or even catastrophic loss of life.
Senetas High-Assurance Encryption Comments
Not all data breaches are malicious in nature; some are the result of negligence or simple human error. But a breach is a breach.
Whatever the origin of a network data breach, the negative impacts are common across all industry sectors. However, in the case of SCADA networks and infrastructure control systems, the potential scale of the impact is massive.
Use of high-assurance encryption can provide an essential last line of defence against network breaches. If the network itself cannot be secured, the best option is to secure the sensitive control systems data moving across it. That way, when the system is hacked, the data is rendered useless.
Not all encryption models are the same. Whilst most utilise a standards-based encryption algorithm, many encryption solutions are not as robust as they could be.
To be high-assurance, a network encryption product must:
- Utilise state-of-the-art encryption key management (using securely stored, encrypted, client-side keys)
- Provide true, end-to-end authenticated encryption
- Apply a standards-based encryption algorithm
- Be dedicated to the task of encryption, without any access points