Effective Risk Assessment of SCADA/ICS Infrastructure

Cyber attacks on industrial control systems (ICS) and in particular critical Supervisory Control and Data Acquisition (SCADA) systems and manufacturing infrastructure are now a reality. Cyber criminals are targeting power generation facilities, oil & gas facilities, petroleum refining units, water treatment systems, factories, and metropolitan traffic control systems with network breach, data theft, interruption in work, and denial of service activities, making effective risk assessment of ICS and SCADA security systems a critical component of industrial operations.

Most SCADA/ICS systems have some level of perimeter defense, such as firewalls and network segmentation. Although crossing these levels of security is relatively difficult, attackers are using alternate ways to attack critical infrastructure and their operations. For instance, cyber criminals are using remote access ports to enter internal communication channels, convincing an employee to click on a URL link with malicious attachment or making employees use configuration mistakes in security systems.

Reducing Cyber Security Risk Exposure with Effective Assessment

Vulnerability assessment helps to identify and classify security holes in your ICS/SCADA systems or networks. Vulnerability is a weakness in the network which allows an attacker to reduce a system’s information assurance, either due to system’s susceptibility to a flaw or attacker’s capability to exploit the flaw. Conduct vulnerability assessment of your critical infrastructure to:

  • Review Security Architecture: It helps to analyze the SCADA/ICS environment and the security controls in place along with the connectivity between SCADA environment and corporate network.
  • Test Critical Infrastructure Security: It helps to find out vulnerabilities in ICS/SCADA security systems such as routers, firewalls, database systems, and control servers.
  • Review Wireless and Remote Access: Identify vulnerabilities and weakness in remote access and wireless access into the environment, which could allow attackers to enter the SCADA/ICS network.

Vulnerability Assessment should be complemented with Penetration Testing

A penetration test duplicates the actions of an attacker by safely trying to exploit vulnerabilities identified in the vulnerability assessment process. The goal of penetration testing is to determine whether unauthorized access or other malicious activity is possible from inside the SCADA or ICS network. A network penetration test will help you to:

  • Identify security flaws present in the environment and opportunities that hackers may use to compromise systems
  • Understand the level of risk for your organization by finding where your organization is lacking in ICS and SCADA security.
  • Help address and fix identified network security flaws by effectively remediating any issues uncovered during penetration test.

An independent vulnerability assessment and penetration testing of your ICS security and SCADA security posture provides reassurance to your regulators, employees, and customers that cyber security is effectively managed and governed by your government.