Posted to Technical on 6th Sep 2010, 20:40 Share:

SCADA system security - act now before your system is attacked!

As attacks on SCADA systems by the Stuxnet virus increase, Norman Data Defense urges automation specialists to review the security of their control system, as many will not currently be protected.

There is no doubt that criminals, hackers and virus distributors have SCADA systems in their sights. And, according to a leading data defence specialist, this is just one illustration of how much the manufacturing, engineering and infrastructure industries are at risk.

David Robinson, UK and Ireland country manager for Norman Data Defense Systems, says: "Large organisations are at risk as much as smaller companies. Recent attacks on their control systems show just how 'at risk' these and many other organisations that operate these systems are."

The recent security breach of a major automation company was reportedly caused by the Stuxnet virus being carried on a USB memory stick. This new type of virus has a boot file built-in; this activates as soon as the memory stick is powered up on insertion into a USB port. But, warns Robinson, who has fifteen years experience working with companies such as Mistubishi, Rockwell and Intelluition working on SCADA and plant intelligence software, "it is not just memory sticks that are putting these systems at risk. These days anyone with a laptop or a device that connects remotely to a wireless network inside a company's firewall is putting that company at risk. It will just be a matter of time before Stuxnet is evolved to wreak havoc on control systems and any other system that the user connects to if their laptop or portable device is infected."

Staff less cautious at work

Norman Data Defense recently carried out research among ordinary workers and found that over half of people surveyed are more cautious with security issues when using their own PC/laptop than they are with their work one. And over three-quarters of people would expect a pop up to appear on their screen to alert them to a breach of security, which, of course, is not always going to happen.

Microsoft has issued patches to help users on Windows systems to protect themselves against Stuxnet, but, warns Robinson: "My fear is that, with patch management protocols rarely in place in a control system environment, these warnings will go unheeded."

Automation specialists should not think that they can rely on security patches from Microsoft or, indeed, other suppliers of operating systems, as many industrial processes use legacy controls that run on operating systems that are no longer supported.

David Robinson offers the following message to industry:

  • Do not ignore the threat (as many business have found to their cost, the threat is real)
  • Be proactive (it is far cheaper than being reactive after a security breach has occurred)
  • Get secure now (do not be put off by people who say solutions are not available for legacy systems
  • because they are available)
  • The cost to a business can be substantial if a security breach occurs and causes unplanned downtime
  • Always install software patches

Norman describes itself as a world leader and pioneer in proactive content security solutions and forensics malware tools. The company offers malware analysers, network security and endpoint protection systems to meet customers' security needs.

Norman Data Defense Systems (UK) Ltd

Exchange House
494 Midsummer Boulevard
Milton Keynes
MK9 2EA
UNITED KINGDOM

+44 (0)1908 255990

info@normanuk.com

www.norman.com

More technical articles
2 days ago
maxon is giving away a Swiss Army Knife every day in December
maxon has launched its 2023 Advent Calendar, giving away a classic Victorinox Swiss Army Knife every day in December until Christmas Eve. To enter maxon’s Advent Calendar, visit the maxon prize draw 2023 and click on the door for the corresponding day.
2 days ago
Yaskawa commits to UK with state-of-the-art facility
Yaskawa – a global technology supplier in segments drives, motion controls and robotics – is opening a new, state-of-the-art UK headquarters and manufacturing facility in Sunderland.
4 days ago
NSK bearings help pet food plant raise OEE
When a major UK pet food producer wanted better machine utilisation with the aim of raising its OEE (overall equipment effectiveness) by 3 points, it asked experts at bearing specialist NSK if they could evaluate processes and systems to help with this improvement goal.
5 days ago
Beckhoff UK and HepcoMotion’s mechatronics showcase takes centre stage
Automation technology specialist Beckhoff UK, in collaboration with leading manufacturer of linear motion systems, HepcoMotion, hosted a mechatronics showcase at MK7, the home of Oracle Red Bull Racing in Milton Keynes, with several innovations from both companies on display, as well as a brand-new product reveal – the GFX-r guidance system.
5 days ago
PPMA re-brand puts automation at the heart of UK manufacturing
The PPMA Group of Associations has re-branded and has changed its name to AutomateUK to better represent the needs of its membership and their end user customers in the ever-changing manufacturing landscape.
1 day ago
steute Technologies restructures its business fields
steute Technologies, an international technology company offering switches, intelligent sensors and wireless systems, has announced a comprehensive restructuring of its business fields.
1 day ago
Showcasing design, production and process engineering in the food and drink sect
Taking place on 1 May 2024 at the National Motorcycle Museum, Food Manufacturing Live serves the design, production, process and maintenance engineering teams across the UK food and drink manufacturing sector.
2 days ago
Understanding safety and security for the protection of human and machine
How do you master employee protection, liability protection, productivity and data protection? How do you increase your quality and simultaneously prevent manipulation on your machines? How do you protect your data and employees in equal measure? Pilz is hosting a free webinar on 15 December, 9:30-10:30 am, to address just these questions.
2 days ago
Schaffner opens new regional channels for its range of EMC solutions
EMC solutions provider, Schaffner, announces new partnerships with three distributors to further broaden the reach and scope of its product range and support services across Europe. The new agreements with Telerex, CATS and DSL Components will open new supplier corridors and enable customers to have local and faster access to products.
2 days ago
New SCARA robot transforms pick-and-place and assembly operations
ABB Robotics is expanding its industrial SCARA robot portfolio with the addition of the IRB 930. The new robot, compromising three variants capable of handling 12 kg and 22 kg payloads, has been designed to meet the demands of new growth opportunities in traditional and new markets.

Login / Sign up