TOP 10 SCADA Security Threats
According to a Control Engineering Article published in 2007, the Top 10 SCADA/DCS threats are:
1. Inadequate policies, procedures, and culture governing control system security.
2. Inadequately designed networks with insufficient defense-in-depth.
3. Remote access without appropriate access control.
4. Separate auditable administration mechanisms.
5. Inadequately secured wireless communication.
6. Use of a non-dedicated communications channel for command and control.
7. Lack of easy tools to detect/report anomalous activity.
8. Installation of inappropriate applications on critical host computers.
9. Inadequately scrutinized control system software.
10. Unauthenticated command and control data.
NERC and The NSTB (National SCADA Test Bed) issued the following proposed mitigations and recommendations to fix and address each and every threat form the list above.. (TOP 10 Vulnerabilities Mitigations can be downloaded HERE) Thanks to NERC/NSTB.
Recent Comments