Remote - Spring 2012 - (Page 8)

Feature Article

SCADA Security for Remote Operations in the Water and Wastewater Industries

Kevin L. Finnan, Vice President, Marketing
CSE-Semaphore

Operators of water and wastewater SCADA systems are facing up to the fact that their systems are no longer sailing under the cyber security radar.

Until recently, the industry was able to point to only a single attack, which took place in Australia in 2000. As reported by news.com.au and other sources, a disgruntled former employee of the contractor who installed a computer system for the Maroochy Shire Council hacked into the system. According to a court statement, “He applied for a job with the council but was rejected and later hacked into the council’s sewage control computers, using radio transmissions to alter pump station operations. Up to one million litres of raw sewage flowed into the grounds of the Hyatt Regency Resort at Coolum and nearby Pacific Paradise, where it ended up in a storm water drain. The hacker was able to access the system and operate remote site equipment on 46 occasions.

While this attack illuminated numerous potential vulnerabilities in SCADA systems, many operators apparently focused on the fact that the hacker was an insider and prioritized personnel measures over cyber security.

Improving cyber security is not a simple undertaking. Industry groups have been working to provide users with guidance in performing vulnerability assessments, designing solutions, implementing security measures and operating secure systems. Add budgeting into the mix and the process can take years. Released in 2008 by the Water Sector Coordinating Council Cyber Security Working Group, the “Roadmap to Secure Control Systems in the Water Sector” illustrates the time and effort involved. The vision is that in 10 years, industrial control systems for critical applications will be designed, installed and maintained to operate with no loss of critical function during and after a cyber event.
Meanwhile, the cyber world has discovered SCADA. The Stuxnet malware attack should have clearly illustrated this. Yet, some operators maintain a “can’t happen here” or, more to the point, a “probably won’t happen here” attitude. Although Stuxnet targeted a SCADA system, a common perception is that such a well-funded, covert operation is unlikely to be used against the water or wastewater industry.

A more recent attack, reported in a Nov. 18, 2011 article in the Washington Post, is of perhaps even greater concern. According to the article, “News of the incident became public after Joe Weiss, an industry security expert, obtained a report dated Nov. 10 and collected by an Illinois state intelligence center that monitors security threats. The report describes how a series of minor glitches with a water pump gradually escalated to the point where the pump motor was being turned on and off frequently. It soon burned out, according to the report. The Illinois report said that hackers broke into a software company’s database and retrieved user names and passwords of control systems that run water plant computer equipment. Using that data, they were able to hack into the plant in Illinois. While the investigation is still underway and it is too early to draw conclusions, experts “agreed that the incident was a major new development in cyber-security.”

This attack shares many similarities with the series in Australia in 2000. In both cases, hackers penetrated a SCADA system and operated pumps in order to cause damage. The key difference is that the most recent attack was apparently conducted completely by outsiders in another country. Since the attack was also nowhere near as sophisticated as Stuxnet, the threats of repeat episodes and imitations are realistic.

With an imminent threat on their hands, operators are reviewing SCADA security measures to date. What are they doing now to enhance SCADA security?
Today, technology exists to design and implement measures within remote terminal units (RTUs) and SCADA networks. The following such measures, all of which have been put into practice, will meet emerging industry requirements:

• Password maintenance
• HTTP security
• Firewall
• Virtual Private Network (VPN)
• Authentication

Password Maintenance

Protecting account information and maintaining passwords are the most basic security measures and should collectively be first on the list of measures to implement, now.

HTTP Security

The fact that many RTU devices on today’s market feature integral web servers substantially increases the emphasis on security. HTTP log-in using a password is the minimum measure. Account maintenance practices should follow the same process as non-HTTP password maintenance.

[Figure caption: For RTU devices with web servers, access protection via HTTP login is among the most basic measures to implement and should be readily configured on a menu.]

HTTPS, or “HTTP Secure,” is the hypertext transfer protocol with encryption using the SSL or TLS protocol. It is now available as an add-on, which allows access to the integral web server in the RTU using HTTPS. Simple menu interactions allow the user to configure the TCP ports for HTTP and HTTPS, whether HTTP is blocked, and to specify a certificate file name.

Firewall

A firewall is a device or software capability that is designed to allow or deny network transmissions based upon a set of rules. The firewall is used to protect networks from unauthorized access while allowing legitimate communications to pass. Firewalls are finding their way into the more sophisticated RTU products on the market.

The firewall provides access protection for any incoming or outgoing IP connection. Ethernet ports and cellular (e.g., GPRS) connections can be protected using the firewall. Menu interaction allows the user to define one or more rules to allow or deny access. Users are warned to be sure they completely configure firewalls; otherwise an outside party could still be able to access the network.

[Figure caption: In this example, access to the RTU is allowed only to a PC with a specified IP address.]
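The warning about incompletely configured firewalls, and the option to block plain HTTP once HTTPS is enabled, can be checked mechanically. The following is an added example, not code from the article or from any RTU vendor; the rule model, the first-match semantics and the addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    action: str   # "allow" or "deny"
    source: str   # CIDR block the rule matches
    port: int     # destination TCP port on the RTU; 0 matches any port

def decide(rules, default_action, src_ip, port):
    """Assumed semantics: first matching rule wins, else the default applies."""
    addr = ipaddress.ip_address(src_ip)
    for r in rules:
        if addr in ipaddress.ip_network(r.source) and r.port in (0, port):
            return r.action
    return default_action

def audit(rules, default_action, http_port, http_blocked):
    """Return findings for settings that leave the RTU reachable."""
    findings = []
    if default_action != "deny":
        findings.append("default action is not deny: unmatched sources get through")
    if not http_blocked:
        findings.append(f"plain HTTP on port {http_port} is still enabled beside HTTPS")
    for r in rules:
        net = ipaddress.ip_network(r.source)
        if r.action == "allow" and net.num_addresses > 1:
            findings.append(f"allow rule for {r.source} covers {net.num_addresses} addresses")
    return findings

# Constructed sample values (documentation address ranges, not real hosts).
OPERATOR_PC = "192.0.2.10"
OUTSIDER = "203.0.113.77"

# Incomplete: the operator PC is allowed, but nothing denies everyone else.
incomplete = dict(rules=[Rule("allow", "192.0.2.10/32", 443)],
                  default_action="allow", http_port=80, http_blocked=False)

# Complete: same allow rule, default deny, plain HTTP blocked.
complete = dict(incomplete, default_action="deny", http_blocked=True)

if __name__ == "__main__":
    for name, cfg in (("incomplete", incomplete), ("complete", complete)):
        verdict = decide(cfg["rules"], cfg["default_action"], OUTSIDER, 443)
        print(f"{name}: outsider on 443 -> {verdict}; findings: {audit(**cfg)}")
```

Both configurations contain the same allow rule for the operator PC; only the default action and the HTTP setting determine whether an unlisted source is still admitted.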
