May 22, 2008
With the increasing proliferation of common networking standards and standard operating systems, the world of Supervisory Control and Data Acquisition (SCADA) systems is joining the rest of the IT world and feeling the menace that faces typical office systems. SCADA systems used to be completely proprietary, designed for single function and separated from "standard" IT networking and systems, but this has been changing fast with adoption of cheaper, commodity components to provide increased flexibility, higher levels of compatibility, and lower costs. Unfortunately, relying on this common "genome" means that SCADA systems may have the same vulnerabilities that we see daily. And common Internet attack vectors may become effective against the systems that are the heart and soul of our most critical infrastructures.
Core Security Technologies released their first advisory for SCADA systems, which details a denial-of-service attack caused by using a malformed packet on the Wonderware SuiteLink; this software runs on the Windows platform. Secure Computing magazine also sheds more light on this particular SCADA issue.
Because we can't reverse this trend, we need to be careful about what we connect to SCADA networks and take the same risk-aware approach to them as we do with any of our other IT systems. Leaving these systems in an unmanaged state with operators and administrators who have little understanding of IT security is a sure recipe for disaster.