1 min read

SCADA Systems Vulnerable Despite Risk Awareness, Finds SANS Survey

Liviu ARSENE

February 13, 2013

Promo Protect all your devices, without slowing them down.
Free 30-day trial
SCADA Systems Vulnerable Despite Risk Awareness, Finds SANS Survey

A survey of nearly 700 SCADA control systems revealed that security risk awareness is at an all-time high but protection is still lacking, according to the SANS (SysAdmin, Audit, Network, Security) Institute.

Because SCADA systems are predicted to be highly targeted during 2013 as a result of cyber war, the survey conducted revealed that proper security measures to prevent cyber-attacks are falling behind.

SCADA Systems Vulnerable Despite Risk Awareness, Finds SANS SurveyWith state-sponsored malware opening a new age of cyber warfare, SCADA systems were deemed highly vulnerable and likely targeted in future attacks on key infrastructure systems.

“Control system cyber assets are vulnerable, threats are escalating and the industry is aware of these facts,” says survey paper author Matthew Luallen, a senior SANS analyst and SCADA/process control system expert who teaches on this subject at DePaul University. “Stuxnet can be cited for finally raising risk awareness, but some of this awareness is experiential: In the survey, 33% of respondents know or suspect they’ve been breached.”

Mostly focusing on protecting computers operating SCADA devices, such proprietary control systems have little to no security features built-in. The irony is that SCADA systems run “above” protected computers and lack security features.

“This is the first time I have seen a succinct review of the problems faced by all industries using SCADA technologies,” said Barbara Filkins, a SANS analyst, advisor to the survey and healthcare privacy expert. “I’m voluntary president of our mutual water company and our board is considering installing a SCADA system. I will definitely use some of the findings in this survey to help guide our selection.”

Concluding that SCDA systems still lack proper security systems, analysts believe vendors of such solutions should work with security experts to patch vulnerabilities and improve their security.

 

tags


Author


Liviu ARSENE

Liviu Arsene is the proud owner of the secret to the fountain of never-ending energy. That's what's been helping him work his everything off as a passionate tech news editor for the past few years.

View all posts

Bookmarks


loader