Why are SCADA systems connected to the internet?

Supervisory Control And Data Acquisition (aka SCADA) devices have evolved over time to be capable of being attached to the Internet. These devices are at the heart of most critical infrastructure control. For a while now, I have been trying to understand why people involved in utilizing SCADA devices consider it acceptable to connect them to the Internet. In discussions with various people that have knowledge of many such systems, I have been surprised to learn that it is common practice for the networks to include connectivity to the Internet. Firewalls of various types are employed to theoretically address the concern that malicious people may find ways to access and control these systems, possibly leading to life-threatening situations.

One example of what might occur when SCADA systems are internet connected is covered in this September 2009 article from The Register. This article goes beyond the scope of SCADA and internet connectivity, highlighting multiple reasons for concern. Another example is detailed in an April 2009 letter from the North American Electric Reliability Corporation (aka NERC) to power plant operators where cyber security threats are cited as a significant risk to electrical power generation in the United States.

SCADA is used for many things beyond the power grid. For example, SCADA systems control the amount of water flowing through some dams, which if compromised could result in flooding or water supply depletion. Gas and oil production/distribution are also controlled by SCADA systems and unauthorized access by cyber-criminals or cyber-terrorists could wreak havoc on heating, transportation, power generation, and other industrial and agricultural systems. There are many more uses of SCADA systems spanning transportation, industry and other major sectors, many of which can have life-threatening implications should they be compromised.

I have yet to find a compelling argument to justify connecting SCADA systems to the Internet. I don’t believe that the perceived benefits of having SCADA systems connected to the internet outweigh the risks. I am therefore trying to convince people of influence to discontinue such practices, and instead utilize physically separated networks.

- Marc

6 comments to Why are SCADA systems connected to the internet?

  • Steve Goldsmith

    There is no reason why any SCADA system would be connected to the public Internet, other then lazyness, and/or a lack of understanding on how to properly isolate and secure them.

    Until there is some requirement that command and control infrastructure be properly isolated and secured, people will continue to have them connected to publicly accessible networks.

  • Right, there is no *good* reason for a SCADA system to be publicly accessible. The laziness may be a factor sometimes but I’d put my money on the cause being that the people that are installing these systems simply do not have the necessary amount of expertise necessary to do the job right. I expect that in many cases installation is done by a third party with oversight being done by an employee that is over his head with the entire system and truly doesn’t understand what is being installed. (That’s why they hired the third party to do the installation.)

    Because many times a bid is won by being the lowest bidder there is no incentive for the contracted installer to put any effort whatsoever into the end client’s systems security. Because the system owner often has both no access to the skillset needed for proper security and no clue that said security even matters we see SCADA systems exposed to the internet.

    Regulation could probably help the matter and may make sense for SCADA systems that are responsible for things that, if cracked, can lead to public harm. Education and fear of bankruptcy may be the best change agents for the other SCADA systems that are more private in nature.

  • marc

    A friend pointed me at this scary article (see the graph in particular):


  • Tim April

    As far fetched as the plot to Live Free, Die Hard (http://www.imdb.com/title/tt0337978/) was for a movie, portions of the movie are starting to become a reality. The SCADA networks of the world being linked to the Internet could be seen as opening the proverbial flood gates (no pun intended) to a new age of hacking and cracking. Although we may not be to the point where someone can wreak the havoc that Hollywood portrays, there is a distinct possibility that interruptions of service can occur and have any degree of effect to systems attached to the Internet.

    Other similar issues on the horizon include the use of broadband over the power lines. Many power companies have started to toy with the idea of sending data directly over the lower voltage power lines ( http://en.wikipedia.org/wiki/Power_line_communication#Utility ) as well as the high voltage transmission lines for the new Smart Grid that is currently being developed and deployed ( http://www.oe.energy.gov/smartgrid.htm ). Both of these concepts are reasonably safe due to the level of difficulty to infiltrate them as a separated network, but at the point where the smart grid meets the Internet problems start to present themselves. The instant that the smart grid becomes Internet enabled the danger presents itself and the never ending battle to plug the security holes begins.

    Furthermore, in all aspects of security, information technology or otherwise, the procedures and system security are only as good as the people whom apply it. As illustrated in the speech at DefCon by Johnny Long ( http://video.google.com/videoplay?docid=-2160824376898701015# ), it is no longer people sitting somewhere in the world with their laptop hacking and cracking into remote systems, but there are now breaches of physical security leading to control and data to get into the wrong hands.

  • paul

    Talk about timely. Though this was an inside job, it certainly helps illustrate just how vulnerable we are. http://www.scmagazineus.com/Disgruntled-SCADA-consultant-pleads-guilty/article/149759/

  • Ralo Gordon

    I, too, have similar concerns. The government has exceedingly high penalties for non-compliance with NERC/FERC/CIP, but if an attack occurs the money is going to be a secondary concern.

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>