Home > Critical Infrastructure Security, SCADA Security > TOP 10 SCADA Security Threats

TOP 10 SCADA Security Threats

May 25, 2009 Leave a comment Go to comments

According to a Control Engineering Article published in 2007, the Top 10 SCADA/DCS threats are:

1. Inadequate policies, procedures, and culture governing control system security.
2. Inadequately designed networks with insufficient defense-in-depth.
3. Remote access without appropriate access control.
4. Separate auditable administration mechanisms.
5. Inadequately secured wireless communication.
6. Use of a non-dedicated communications channel for command and control.
7. Lack of easy tools to detect/report anomalous activity.
8. Installation of inappropriate applications on critical host computers.
9. Inadequately scrutinized control system software.
10. Unauthenticated command and control data.

NERC and The NSTB (National SCADA Test Bed) issued the following proposed mitigations and recommendations to fix and address each and every threat form the list above.. (TOP 10 Vulnerabilities Mitigations can be downloaded HERE) Thanks to NERC/NSTB.

Categories: Critical Infrastructure Security, SCADA Security Tags:
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

<span>%d</span> bloggers like this: