“My SCADA System is Secure and other Security Myths
Author: Kubel, David B.
Source: Proceedings of the Water Environment Federation, WEFTEC 2003: Session 71 through Session 83 , pp. 596-602(7)
Publisher: Water Environment Federation
Abstract:Many utility managers believe their SCADA systems and networks are protected from tampering. They may utilize state-of-the-art firewalls, routers, VPN's, access control and other security measures that are administered by diligent system administrators. But are they really safe? Many times the answer is “no even though the utility staff think they are impervious. In numerous vulnerability assessments of water and wastewater control systems, penetration studies have found significant vulnerabilities. Security professionals, using free, commonly-available hacking tools, have been able to easily access and control SCADA systems - sometimes within hours and without notice.This paper is intended to raise awareness regarding several essentials of SCADA and Cyber security, including:<list list-type="bullet"> <list-item>Sources of threats and how security professionals view the probability of attack.</list-item> <list-item>Known vulnerabilities to SCADA systems, potential points of attack and common ways a hacker could enter a system.</list-item> <list-item>Industry efforts to provide better security of SCADA systems</list-item> <list-item>Legislation that would require Wastewater Systems to perform Vulnerability Assessments that include the SCADA and Cyber networks and systems</list-item> </list>Included throughout this paper are several security “Myths. These “Myths represent misperceptions that have been encountered in the Water/Wastewater Industries.
Document Type: Research article
Publication date: 2003-01-01
- Proceedings of the Water Environment Federation is an archive of papers published in the proceedings of the annual Water Environment Federation® Technical Exhibition and Conference (WEFTEC® ) and specialty conferences held since the year 2000. These proceedings are not peer reviewed. WEF Members: Sign in (right panel) with your IngentaConnect user name and password to receive complimentary access.
- Subscribe to this Title
- Membership Information
- About WEF Proceedings
- WEFTEC Conference Information
- ingentaconnect is not responsible for the content or availability of external websites