For VendorsBlog
Login

ICS/SCADA Cyber Security

ICS/SCADA Cyber Security

SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).

These networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.

SCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.

It wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.

From local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:

Hackers. Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.

Malware. Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.

Terrorists. Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.

Employees. Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.

Managing today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.

Compare of products in the category ICS/SCADA Cyber Security

Please turn the screen for optimal content display

Compare: ICS/SCADA Cyber Security

Characteristics

Abnormal Behavior Detection

Traffic Analysis

Security Orchestration

Passive Monitoring

Automated Asset Discovery

Flow Discovery

PLCs and RTUs Discovery

Network Topology Mapping

Inventory of Devices

View Filters

Forensic Investigations Support

Rogue Device Detection

Zero-Day Threats Detection

Detecting Threats with Context

Changes Monitoring

Vulnerability Assessment Report

ICS Threat Intelligence

Deep-Packet Inspection (DPI)

Zero Impact

Continuous Monitoring

Network Segmentation

Port Mirroring

Multi-site Deployment

Agentless Deployment

Mitigation of Security Events

Data Historian Alerts

Event Log

PLC Setting Modification

Backup and Recovery

Configuration Updates

Perimeter Controls

Integrations

Supported Systems

N/A
Yes
Yes (Purdue Model)
Yes (Purdue Model)
Yes
N/A
Yes
Yes
N/A
Yes
Yes
Yes (Purdue Model)
N/A
  • N/A
  • SIEM
  • SOC
  • Cyberbit EDR
  • SIEM
  • Firewall
  • CMDB
  • IDS/IPS
  • SIEM
  • SOC
  • SIEM
  • CMDB
  • Firewall
  • CMDB
  • SIEM
  • SOC
  • CMDB
  • SIEM
  • N/A
  • IT/OT
  • SOC
  • SIEM
  • N/A
  • IT/OT
  • N/A
  • HMI
  • PLC
  • N/A
  • DCS
  • PLC
  • RTU
  • DCS
  • PLC
  • N/A
  • N/A
  • DCS
  • PAC
  • PLC
  • RTU
  • N/A
  • N/A
  • HMI
  • PLC
  • N/A
  • N/A
Found mistake? Write us.

Suppliers ICS/SCADA Cyber Security

Aegify Inc.

Aegify Inc.

Aegify was created to protect clients’ profitability, assets and employees. Company's mission is to... Read more
Vendor, Supplier
agileSI

agileSI

In December 2010 agileSI was launched as a product within the security integrator SecureLink Germany GmbH.... Read more
Vendor, Supplier
Auxilium Cyber Security GmbH

Auxilium Cyber Security GmbH

Auxilium Cyber Security GmbH is independent information security consultancy company focusing mainly on the... Read more
Vendor, Supplier

F.A.Q about ICS/SCADA Cyber Security

What is the difference between ICS/SCADA cybersecurity and information security?

Automated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. Incorporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found on our market in relation to the protection of process control systems.

Is it really necessary?

Need to. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us hacking is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered serious. Everyone heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.

Who needs this?

With the phrase ICS/SCADA, most imagine huge plants, automated CNC machines, or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management, to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts it to the shoulders of the user.

Of course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, consider your system safe "by default" is unreasonable.

Are ICS and SCADA the same thing?

No. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).

What is ICS/SCADA cybersecurity?

In fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.

The cyber security of ICSs has the same basic target qualities - confidentiality, integrity, accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. What, besides, first of all - from the risks of damage to human health and life and the environment.

Materials