Vulnerabilities / Threats
2/12/2013
12:58 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

SANS Releases First Of Its Kind Deep-Dive Survey On SCADA Security Practices

Survey revealed that respondents are putting most of their security focus on the computers operating their proprietary control systems

BETHESDA, Md., Feb. 12, 2013 /PRNewswire-USNewswire/ -- According to a survey of nearly 700 SCADA and other control system operators, awareness of risk is high, while protections are lagging.

"Control system cyber assets are vulnerable, threats are escalating and the industry is aware of these facts," says survey paper author Matthew Luallen, a senior SANS analyst and SCADA/process control system expert who teaches on this subject at DePaul University. "Stuxnet can be cited for finally raising risk awareness, but some of this awareness is experiential: In the survey, 33% of respondents know or suspect they've been breached."

Sponsored by ABB, Industrial Defender and Splunk, the survey revealed that respondents are putting most of their security focus on the computers operating their proprietary control systems. Unfortunately, they're doing so to the neglect of the Program Logic Controllers and other proprietary SCADA devices running atop of these computers, which have little or no native security.

"Operators need to better align their security and compliance programs with their most critical directive of preventing disruptions to service or operations," advises Deb Radcliff, executive editor of the SANS Analyst Program.

"SCADA operators should layer their security and work with their control system vendors -- who are also aware of the risk and making improvements."

Readers are invited to attend a SANS webcast to learn the full results of the survey. This webcast is scheduled for February 20, 2013, at 1 PM EST. Those who register for the webcast will also receive an advanced copy of the published results paper developed by Mr. Luallen.

"This is the first time I have seen a succinct review of the problems faced by all industries using SCADA technologies," says Barbara Filkins, SANS analyst, advisor to the survey and healthcare privacy expert. "I'm voluntary president of our mutual water company and our board is considering installing a SCADA system.

I will definitely use some of the findings in this survey to help guide our selection."

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted, and by far the largest, source for world-class information security training and security certification in the world. GIAC, an affiliate of the SANS Institute, is a certification body featuring over 20 hands-on, technical certifications in information security.

SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; and it operates the Internet's early warning system - the Internet Storm Center. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community. (www.sans.org)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0972
Published: 2014-08-01
The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly prevent write access to IOMMU context registers, which allows local users to select a custom page table, and consequently write ...

CVE-2014-2627
Published: 2014-08-01
Unspecified vulnerability in HP NonStop NetBatch G06.14 through G06.32.01, H06 through H06.28, and J06 through J06.17.01 allows remote authenticated users to gain privileges for NetBatch job execution via unknown vectors.

CVE-2014-3009
Published: 2014-08-01
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct ph...

CVE-2014-3302
Published: 2014-08-01
user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708.

CVE-2014-3534
Published: 2014-08-01
arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a c...

Best of the Web
Dark Reading Radio