“My SCADA System is Secure” and other Security Myths
Abstract:Many utility managers believe their SCADA systems and networks are protected from tampering. They may utilize state-of-the-art firewalls, routers, VPN's, access control and other security measures that are administered by diligent system administrators. But are they really safe? Many times the answer is “no” even though the utility staff think they are impervious. In numerous vulnerability assessments of water and wastewater control systems, penetration studies have found significant vulnerabilities. Security professionals, using free, commonly-available hacking tools, have been able to easily access and control SCADA systems – sometimes within hours and without notice.
This paper is intended to raise awareness regarding several essentials of SCADA and Cyber security, including:
Sources of threats and how security professionals view the probability of attack.
Known vulnerabilities to SCADA systems, potential points of attack and common ways a hacker could enter a system.
Industry efforts to provide better security of SCADA systems
Legislation that would require Wastewater Systems to perform Vulnerability Assessments that include the SCADA and Cyber networks and systems
Included throughout this paper are several security “Myths”. These “Myths” represent misperceptions that have been encountered in the Water/Wastewater Industries.
Document Type: Research Article
Publication date: 2003-01-01
More about this publication?
- Proceedings of the Water Environment Federation is an archive of papers published in the proceedings of the annual Water Environment Federation® Technical Exhibition and Conference (WEFTEC® ) and specialty conferences held since the year 2000. These proceedings are not peer reviewed. A subscription to the Proceedings of the Water Environment Federation includes access to most papers presented at the annual WEF Technical Exhibition and Conference (WEFTEC) and other conferences held since 2000. Subscription access begins 12 months after the event and is valid for 12 months from month of purchase. A subscription to the Proceedings of the Water Environment Federation is included in Water Environment Federation (WEF) membership.
WEF Members: Sign in (right panel) with your IngentaConnect user name and password to receive complimentary access. Access begins 12 months after the conference or event
- Subscribe to this Title
- Membership Information
- About WEF Proceedings
- WEFTEC Conference Information
- Learn about the many other WEF member benefits and join today
- Ingenta Connect is not responsible for the content or availability of external websites