SCADA cyber attacks double in 2014, says Dell

SCADA cyber attacks double in 2014
SCADA systems are often attacked for political motivations rather than monetary to undermine security at power stations

Cyberattacks on supervisory control and data acquisition (SCADA) systems have increased by 100% in 2014, according to IT giant Dell’s annual Threat Report.

The study found that attacks against SCADA systems have doubled since 2013 and tend to be political in nature as they target operational capabilities within power plants, factories, and refineries.

The majority of the attacks happened in Finland, the UK, and the US, according to the report.

One likely factor is that SCADA systems are more common in these regions and more likely to be connected to the Internet.

In 2014, Dell saw 202,322 SCADA attacks in Finland, 69,656 in the UK, and 51,258 in the US.

Patrick Sweeney, executive director at Dell Security, said: “Since companies are only required to report data breaches that involve personal or payment information, SCADA attacks often go unreported.

“This lack of information sharing combined with an aging industrial machinery infrastructure presents huge security challenges that will to continue to grow in the coming months and years.”

As a result, other industrial companies within the space might not even know a SCADA threat exists until they are targeted themselves.

Buffer overflow vulnerabilities continue to be the primary attack method, accounting for 25% of the attacks.

How to stop a SCADA cyber attack

The ‘Threat Report’ suggests that making sure all software and systems are up to date is one way to counteract attacks.

Mr Sweeney said: “Too often with industrial companies, systems that are not used every day remain installed and untouched as long as they are not actively causing problems.

“However, should an employee one day connect that system to the Internet, it could become a threat vector for SCADA attacks.”

Another way is to make sure your network only allows connections with approved IPs.

Sweeney said: “Follow operational best practices for limiting exposure, such as restricting USB ports if they aren’t necessary and ensuring Bluetooth is disabled.

“In addition, reporting and sharing information about SCADA attacks can help ensure the industrial community as a whole is appropriately aware of emerging threats.”

Dell Security compiles its annual report based on data gathered by the Dell Global Response Intelligence Defence Network, which sources information from more than 1 million security sensors in more than 200 countries, intelligence from freelance security researchers as well as cyber security associations.