Trend Micro Secures SCADA Environments

• Email
• Print
• ( 0 )
• 

Trend Micro, a global cloud security leader and long-time innovator in mobile security has announced that the software used in SCADA environments came under renewed scrutiny, as attack code exploiting dozens of serious vulnerabilities in widely used programs, was published.

Programs sold by Siemens, Iconics, 7-Technologies, Datac, and Control Microsystems were apparently affected. In some cases, the flaws may be used to remotely execute code when the so-called supervisory control and data acquisition software is installed on machines connected to the internet. Two separate organizations released the code.  The published information includes proof-of-concept exploit code for at least 34 vulnerabilities in widely used SCADA programs. SCADA actually refers to any control system, so covers everything from Nuclear Power Plants, to the machine that sews a logo into a pair of trainers! If breached, it may pose a threat to national security, or perhaps just affect a manufacturing line. Protection for SCADA Networks needs to reflect the actual setting in which it is used. SCADA networks span a set of industries which have traditionally enjoyed relative segmentation because process control software was closed & proprietary, and not connected to the global Internet.
 
In recent times, this situation has changed.  These industries (e.g. manufacturing, oil & gas, water processing, etc.) are now using off-the-shelf software platforms (e.g. MS Windows) and management platforms designed & created by specific vendors (e.g. Siemens, Johnson Controls, etc.).  Additionally, new hardware designed for these environments often now includes ports such as Ethernet and in some cases the devices are even wireless equipped. This is ideal for business optimization strategies, and large installations.  However, serious consideration needs to be given before activating or enabling such accessibility in critical environments. It’s worth remembering that attackers most often target common platforms. It’s essential to protect the platform but in SCADA environments it is often difficult or impossible to patch them - as they may be legacy programs (eg. Windows 2000) or no patch is available anymore.
 
Policy and Process Advice to Help Secure SCADA Environments:
Build an Air-Gap between the networks – Deep consideration should be given as to the absolute necessity of connecting Critical Infrastructure to other networks or the Internet. The safest way to ensure critical infrastructure is secure is to ensure there is a physical gap between the networks.  
 
Ensure best practice security is followed – Such as disabling USB and other access, and ensuring proper physical security mechanisms is a must. Treat every SCADA environment as unique – SCADA spans multiple industries – some relate to critical infrastructure, others to manufacturing. Recognition of this individual environment is essential when planning and implementing security for the network.
 
 More often than not, owing to the way in which SCADA networks are implemented and used, traditional security measures, such as antivirus, cannot be implemented on a device or to a system.  Trend Micro’s technology offers multiple other choices, a few of which are covered below.