You’ve Got Data. Is it Safe? Protect your SCADA.

Posted on May 24th, 2021
Posted in Uncategorized   

As industrial facilities continue to become more and more digitized and automated, protecting operational technology (OT) has become as critical as protecting information technology (IT). The ransomware attack that resulted in the shutdown of the Colonial Pipeline is yet another reminder to operators on the necessity of identifying and mitigating all IT/OT security vulnerabilities.

Supervisory Control and Data Acquisition (SCADA) networks are vital to virtually every service and commodity (oil, natural gas, electricity, water, waste treatment, gasoline, transportation) around the world. Protecting this critical infrastructure from the multitude of cyber threats present today is as essential as protecting financial information, proprietary data, etc.

With today’s rapid advancement in technology, even familiar security standards like the Purdue Model are becoming somewhat outdated. Having a comprehensive understanding of new technologies and existing infrastructure is a must when determining the necessary security measures to implement. The considerations here are very broad. Does legacy equipment need replacing, or can firewall appliances provide sufficient security? Do old communication protocols need updating? What are your requirements for encryption? Do you require device authentication AND user authentication AND VPN authentication? Can utilizing cloud technologies remove levels of vulnerability within your networks? Would using a Publish and Subscribe broker be a good fit for your business? Are all physical ports on field devices such as RTU’s appropriately disabled? Does your organization sufficiently enforce the proper use of user credentials?

One possible perspective on SCADA security is to audit your industrial facilities both from the outside in and the inside out. The outside-in approach evaluates communication endpoints such as modems and radios that connect the field to business and operations units. The inside-out approach is a deeper-dive audit into the field to look at all physical ports and interfaces that exist on every field device throughout your assets. These connection points offer easy physical access to SCADA systems with little or no security measures. Halker’s Automation Engineering team can help you comprehensively identify vulnerabilities and collaborate with you on a path forward to more robust OT security.