One of the growing problems with SCADA security, at least in terms of awareness, is the rogue PC workstation. Too often we will find workstations attached to SCADA systems that are directly attached to the internet so the operator can get his/her email or sports scores, what have you. Now if proper controls are put in place such as Websense to monitor web traffic and a good antivirus solution this will go a long way to mitigating problems such as what happened in Japan. A third party firm that had been hired to handle physical security at Chubu Electric Power co. leaked information onto the internet when some knothead installed a file sharing program on it. My brain hurts. We are talking about systems that handle to power grid for a country, in this case Japan. There is no excuse for this type of behaviour.
The incident is the second leak for Japan’s energy industry in a year. Last June, a virus-infected computer at a nuclear power plant leaked about 40MB of sensitive documents to the Internet, according to reports.
The U.S. energy industry is not without its share of incidents, either. In 2003, the Slammer worm penetrated a private computer network at Ohio’s Davis-Besse nuclear power plant and disabled a safety monitoring system for nearly five hours. The next year, the United Nations warned governments that cyber attacks on nuclear plants posed a real threat.
The adoption rate of proper security architecture by power generation and distribution companies has been very slow. This is going to turn around and bite us one day very soon as more and more these companies increase their interconnections.
[tags]SCADA Security, SCADA, Virus, DHS, Power[/tags]