SCADA Part 2: Mission critical, highly vulnerable, almost un-protectable.

by Daniel Lakier

Hey folks, I’m back with my second installment on protecting the un-protectable.

Last week we discussed the SCADA environment and some of the unique business and technology challenges we face when trying to secure it both from availability and cyber security hazards. The questions you are all asking yourself now are “how did we get here?” “Why would anyone build anything this insecure?” The answer is so simple … we never anticipated these networks would communicate with the outside world. PCD and SCADA environments were meant to be “closed loop” and therefore air-gapped (If you’re air gapped, you don’t need security, right? Ask Iran about the Natanz nuclear facility). If you think about it, that was a perfectly good assumption. Why would factory machinery ever need to access the internet, or a power plant, or an oil rig… I could go on and on. However, this paradigm changed for two reasons.

1) Manufacturers wanted data. They wanted this data so they could analyze why two of the exact same machines could have different output, or to see predictive failures.

2) Later on, we wanted to change the system environments to compensate for the parameters we had received from the data to optimize performance and/or to stop failures before they happened (an example of this would be varying the turbine speed at a power plant during warm and cold months in order to optimize power output. The ability to do this manually saves thousands of dollars each year and allows manufacturers to scale their support exponentially).

Read more: