The industry recognizes several types of security challenges to which SCADA systems may be vulnerable. The list includes:

• Authorization violation: an authorized user performing functions beyond his level of authority

• Eavesdropping: gleaning unauthorized information by listening to unprotected communications

• Information leakage: authorized users sharing information with unauthorized parties

• Intercept/alter: an attacker inserting himself (either logically or physically) into a data connection and then intercepting and modifying messages for his own purposes

• Masquerade (“spoofing”): an intruder pretending to be an authorized entity and thereby gaining access to a system

• Replay: an intruder recording a legitimate message and replaying it back at an inopportune time.

An often-quoted example is recording the radio transmission used to activate public safety warning sirens during a test transmission and then replaying the message sometime later.

An attack of this type requires no more than a very rudimentary understanding of the communication protocol.

• Denial of service attack: an intruder attacking a system by consuming a critical system resource such that legitimate users are never or infrequently serviced.
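The replay item above can be made concrete from the receiver's side. The following is an added example, not part of the original page: it shows that a message authentication tag alone stops altered or spoofed frames but not a recorded one, and that a monotonic counter check is what rejects the replay. The frame layout, key and command name are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, not a real secret
TAG_LEN = 32                   # HMAC-SHA256 output size


def make_frame(key, counter, command):
    """Sender side: 8-byte big-endian counter || command || HMAC-SHA256 tag."""
    body = struct.pack(">Q", counter) + command
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Accepts a frame only if its tag verifies and, optionally, its counter is new."""

    def __init__(self, key, check_freshness=True):
        self.key = key
        self.check_freshness = check_freshness
        self.last_counter = -1  # highest counter accepted so far

    def accept(self, frame):
        frame = bytes(frame)
        if len(frame) < 8 + TAG_LEN:
            return "reject: malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "reject: bad tag"       # altered or spoofed frame
        counter = struct.unpack(">Q", body[:8])[0]
        if self.check_freshness:
            if counter <= self.last_counter:
                return "reject: replay"    # authentic but already seen
            self.last_counter = counter
        return "accept: " + body[8:].decode("ascii", "replace")


def demo():
    recorded = make_frame(KEY, 1, b"SIREN_TEST")  # constructed frame, as captured during a test
    altered = bytearray(recorded)
    altered[8] ^= 0x01                            # one bit changed in transit
    mac_only, fresh = Receiver(KEY, check_freshness=False), Receiver(KEY)
    return [
        mac_only.accept(recorded), mac_only.accept(recorded),  # tag only: replay gets through
        fresh.accept(recorded), fresh.accept(recorded),        # counter check: replay rejected
        fresh.accept(altered),                                 # alteration fails the tag
        fresh.accept(make_frame(KEY, 2, b"SIREN_TEST")),       # next genuine frame still works
    ]
```

In a deployed receiver the last accepted counter has to survive restarts, otherwise a reboot reopens the window for old recordings.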
