Attacks against SCADA systems soar

Worldwide attacks increased from 163,228 in January 2013 to 675,186 in January 2014 says Dell

Global attacks against industrial control systems increased from 163,228 in January 2013 to 675,186 in January 2014 according to a new report by Dell.

The vendor's annual threat report found that the majority of the attacks on Supervisory Control and Data Acquisition systems attacks targeted Finland, the United Kingdom and the United States, most likely because of the prevalence of SCADA systems are more common in these regions.

There were 202,322 SCADA attacks in Finland, 69,656 in the UK and 51,258 in the US.

Buffer overflow vulnerabilities were the primary method used to attack SCADA systems, accounting for 25 per cent of the attacks. Other forms of attack were improper input validation (9 per cent), information exposure (9 per cent) and resource management errors (8.26 per cent).

According to the report, attacks increased due to the vulnerability of industrial machinery and lack of information sharing.

“Because companies are only required to report data breaches that involve personal or payment information, SCADA attacks often go unreported. As a result, other industrial companies within the space might not even know a SCADA threat exists until they are targeted themselves,” states the report.

The report recommended a number of ways to protect against SCADA attacks, nothing the importance of keeping software and systems are up to date.

"Too often with industrial companies, systems that are not used every day remain installed and untouched as long as they are not actively causing problems," the report states.

"However, should an employee one day connect that system to the Internet, it could become a threat vector for SCADA attacks.”

Dell also recommended that SCADA networks only allow connections with approved IPs, and restricting USB ports and Bluetooth.

HTTPS protocol

The report also noted that there was an increase in the volume of encrypted Web connections from 182 billion in January 2014 to 382 billion in January 2015.

As of March 2015, the number of HTTPS Web connections was 437 billion.

“Although there are many benefits to using more Internet encryption, we are seeing a less positive trend emerge as hackers exploit this encryption as a way of hiding malware from corporate firewalls,” read the report.

For example, in January 2014, hackers distributed malware to about 27,000 Europeans per hour over the course of four days by infecting a group of banner advertisements on Yahoo’s news site. Since Yahoo’s site was encrypted, this malware was able to tunnel through users’ firewalls unseen, said Dell.

If clicked, the advertisements directed users to websites that tried to install malware.

“While managing against this threat is complicated, organisations can provide threat protection for encrypted traffic by implementing SSL inspection,” read the report.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Join the Computerworld newsletter!

Error: Please check your email address.

Tags DellSCADAHTTPScyber security

More about DellYahoo

Show Comments