Posts Tagged ‘SCADA’

Kyocera Adds BREW to M2M Developer Tools

Saturday, May 31st, 2008

Kyocera Wireless used this week’s BREW conference in San Diego to take the wraps off two new BREW-enabled modules – the 300 and the 1xD. The modules allow customers to reduce cost by running integrated BREW applications within the embedded module. This reduces the need for external application processors in M2M solutions.

“In leveraging the … BREW platform within our new modules, we are creating additional value and versatility for our customers,” said Dean Fledderjohn, general manager of the M2M product line at Kyocera Wireless.

The 300 module integrates Qualcomm chipsets in a small but rugged form factor and delivers lower power consumption, extended operating temperatures and multimode assisted and integrated autonomous GPS.

The 1xD module provides a cheaper platform for telemetry and other data-only applications that don’t need GPS or voice features. The module’s reduced power consumption, streamlined feature-set and small size reduce the total cost of ownership and make it ideal for remote metering/monitoring and alarm applications.

Things You Probably Wish You Don’t Know

Monday, May 19th, 2008

Historically, “sensitive” networks have enjoyed a sense of security due to their total and complete separation from publicly accessible networks.

In fact, most of us old-school “security wonks” have always joked about the fact that the “…only real security is a pair of wire cutters…” to humorously illustrate the fact that nothing is really secure that is exposed to uncertainty, or untrusted access.

This has always been true in my personal background, having worked in U.S. Military COMSEC disciplines over many years. And given the fact that I have also worked in the Internet security arena for almost 20 years, I figure this gives me some unique insight into some of these issues.

The same security postures which can be applied to COMSEC can, and should, be true of SCADA (Supervisory Control And Data Acquisition) systems.

When you think “SCADA”, think power, water, etc. The systems that allow civilization to function.

First and foremost, these systems should never — never — be connected in any way, shape, or form to the public Internet. Not even as VPNs, or overlay networks. This is simply wrong-headed.

Unfortunately, some business decisions over the course of the past 15 years have allowed the “public” and “private” networks to become dangerously close in proximity, due to “cost savings” and “operational efficiency” business decisions — by companies that control the very systems which deliver these life-sustaining services to the world’s population.

It’s one thing to steal passwords, perpetrate fraud, and other financial theft-based cyber crimes — but it is ominously more dangerous to shut down the electricity to a complete region of a power grid.

If there is anyone out there who thinks that this is only the storyline of blockbuster movies, think again.

There are certainly forces “out there” who wish to wreak havoc, cause damage, and claim victory.

And they are using the exact same methods to infiltrate SCADA infrastructure that they are using to steal unwitting victims’ checking account information.

Source

InduSoft Announces InduSoft Web Studio Driver for Cylon Controls Building Energy Management Systems

Saturday, May 17th, 2008

InduSoft provides HMI/SCADA for one of Europe’s largest BEMS suppliers

AUSTIN, TEXAS — InduSoft announces the release of a new Cylon Controls driver for their HMI/SCADA software, InduSoft Web Studio. Cylon Controls is one of the largest independent Building Energy Management Systems (BEMS) equipment manufacturers in Europe.

This new driver eliminates the need for an OPC Server. As a result, the Cylon solution will be less costly to install and engineer, easier to configure, and will potentially realize healthy performance gains. The driver also ensures the ability to support Windows CE, which—in some cases—can be a complex task when OPC server implementations are required. InduSoft Web Studio makes it possible to provide an HMI that monitors and integrates not only the building HVAC system, but also the pumping systems, energy, gas and water measurements, lighting control, shutter control, alarm reporting, security and video surveillance, and many other functions as well.

The driver enables seamless integration with numerous devices, such as HVAC Direct Digital Controllers, that Cylon uses in their BEMS solutions. In fact, the new driver has become a key element of Cylon solutions on a number of successful projects.

The first project to benefit from the driver is the Aquapura Hotel—a five-star hotel located in Douro Valley, Portugal. The hotel was outfitted with a Cylon BEMS solution boasting more than 6,000 I/O points. The project was so successful it was named the Cylon Portuguese Project of the year 2007, and the award was delivered by the Irish Ambassador to Portugal on April 4, 2008.

José Mota, CEO of Dosapac S.A., the systems integrator in Portugal that installed the system at the Aquapura Hotel, says, “The reliability of every project is important to us. Without InduSoft Web Studio, the sheer number of I/O points would have swamped most systems—but InduSoft, coupled with their new driver, held up surprisingly well. We couldn’t be happier with the result.”

OPC Training Institute Selects Softing Products for OPC & DCOM Training

Saturday, May 17th, 2008




Edmonton, Alberta - The OPC Training Institute, a worldwide technology-training provider, announced today that it has selected Softing’s OPC Tunnel product as a teaching tool in their hands-on OPC training workshops.

OPC technology is a global industrial connectivity standard that enables process control and manufacturing applications to communicate with each other using an interoperable, reliable, and secure connection. Interoperability is apparent due to support by over 3,000 companies with well over 15,000 unique OPC applications. As a result, most work environments host a multitude of applications created by a variety of vendors. Historically, vendor-hosted training opportunities generally focus on proprietary solutions only.

Softing, a world leader in providing OPC technology, was selected by the OPC Training Institute because of their strong commitment to provide advanced OPC technology. Softing is a Charter Member of the OPC Foundation and participates regularly in OPC Foundation Interoperability sessions. In addition, Softing has authored the “OPC Book”, popular in the OPC industry and now entering its 4th revised edition.

“We fully endorse the OPC Training Institute as it is an excellent approach to introducing OPC technology to a global industry,” says Jürgen Lange, Product Marketing Manager at Softing. “They are staffed with OPC experts that readily convey the technology by combining their know-how with real-life examples.”

“We choose Softing’s OPC Tunnel product for two reasons,” says Randy Kondor, President of the OPC Training Institute. “First, Softing is a reputable international company headquartered in Europe. We seek to partner with world-class companies that have local representation in the regions where we offer OPC training. Second, Softing’s certified OPC Tunnel is a field-proven product for applications that require high-performance and data security.”

The OPC Training Institute’s Certified OPC Professional designation involves four levels of training. Softing’s OPC Tunnel application is demonstrated in “Level 1: OPC and DCOM Diagnostics”. OPC Tunneling products, such as Softing OPC Tunnel, will be used in the classroom to demonstrate how to reduce the reliance on Microsoft’s DCOM technology while at the same time optimizing the OPC technology communication standard.

The OPC Training Institute is supported by many OPC Foundation members all with the goal to educate automation professionals on the use of OPC technology.

Tragedy of the Commons

Thursday, May 15th, 2008

“The Tragedy of the Commons is a type of social trap, often economic, that involves a conflict over finite resources between individual interests and the common good.”

- Wikipedia

In a perfect world, we all understand that certain situations should not exist which put our critical infrastructure at risk — we all like to be able to have electricity, water, and other common utilities which we normally take for granted.

But we do not live in a perfect world, of course.

First, let’s look at the issue of “convergence”, or rather, “premature convergence” which seems to be a better definition:

“…premature convergence means that a population for an optimization problem converged too early, resulting in being suboptimal.”

- Wikipedia

This is similar to — what I believe to be — the situation into which some unknown portion of the SCADA controls & operations community has strategically moved itself: using the same platforms, operating systems, and software, which are now susceptible to the vulnerabilities that we all know too well. Buffer overflows, remote exploitation, denial of service vulnerabilities, and so forth and so on.

Now, this wouldn’t be a problem if these systems were, in no uncertain terms, not connected to the Internet in any way, shape, or form.

But that is increasingly not the case.

Due to operational “optimization” (meaning: it is cheaper to use publicly available connectivity to manage these systems), the SCADA threat landscape now begins to look a lot like the network security landscape that we all know and respect — one of constant vigilance and constant defensive threat posture.

Within the past couple of days, there have been a couple of SCADA systems management platform vulnerabilities announced which could result in some rather serious exploitation. The SANS ISC reported yesterday a situation involving one software suite which “…provides unauthorized access, allows partial confidentiality, integrity, and availability violation, allows unauthorized disclosure of information, allows disruption of service.”

This seems rather serious. And I have been informed that there is at least one more similar vulnerability which has not been publicly disclosed yet.

As utility companies make operational decisions based on economic business savings (using the Internet, or an Internet VPN, to manage their client-control base to save money), the unintended consequences can be severe. When they occur. If they occur.

Throw the dice.

Let’s keep our fingers crossed that the SCADA community quickly comes to grips with the nature of network security.

Source: TrendLabs Malware Blog