Exploring Vulnerabilities, Threats & Mitigation in ICS & SCADA

Verified

Added on 2023/04/21

AI Summary

This report identifies and analyzes three common vulnerabilities in SCADA and Industrial Control Systems (ICS): Zero Day Vulnerability, Database Injection, and Remote Control. For each vulnerability, the report discusses methods of discovery, expected frequency of occurrence, and provides at least three recommendations for mitigation. It also evaluates potential threat actors, detailing their motives, resources, and credibility. The analysis highlights the importance of proactive security measures, including incident response teams, regular updates, and vulnerability scanners, to protect critical infrastructure from cyber threats. The report emphasizes the need for continuous monitoring and validation of user data to prevent unauthorized access and data breaches. This document is available on Desklib, a platform offering study tools and solved assignments.

Running head: VULNERABILITIES IN SCADA
VULNERABILITIES IN SCADA
Name of the Student
Name of the University
Author note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

2
VULNERABILITIES IN SCADA
Table of Contents
Vulnerability....................................................................................................................................3
Frequency........................................................................................................................................4
Recommendations............................................................................................................................5
Threat Creators................................................................................................................................6
References........................................................................................................................................7

3
VULNERABILITIES IN SCADA
Vulnerability
The major vulnerabilities that are present in the functioning of the SCADA and ICS systems
are as follows: -
 Zero Day Vulnerability: Zero Day Vulnerability has the potential to degrade the accuracy
of the entire project. In case of occurrence of Zero Day Vulnerability the developers do
not get time to develop the patch and implement the same patch in order to overcome the
issue that is present in the entire system (Ullah & Mahmoud 2017). Occurrence of this
issue is not very high. This issue arises only during the setting up of the program that is to
be performed with the help of SCADA.
Zero Day Vulnerability cannot be detected with the help of the general versions of
antimalware or IDS and IPS devices. The methodology that is needed to be implemented
includes alerting of administrators regarding the outbound internet activities that are
unauthorized in nature. A general alert is to be sent which will indicate that the presence of
issues. Implementation of Honeyed method and Linear data transformation technique will help in
better management if the issue.
 Data base injection: Data base injection is also termed as SQL injection. In this case a
malicious code is introduced to the program that is to be functioned in SCADA. As the
field devices are built in analog methodology implementation of database injection issues
arises. Due to the increase in IP communication in between 2 systems the chances of data
base injection also increase in a SCADA system (Ren, Yardley & Nahrstedt 2018)

4
VULNERABILITIES IN SCADA
Implementation of routine applications must be done in order to detect the issues that are
present in the SCADA system. Performing querying in efficient manner with the help of the
HTML tags helps in detection of the malware system. This routine auditing helps in detection of
the occurrence of the data base injection system.
 Remote control
SCADA systems have the compatibility to stay connected with other systems with
the help of remote-control systems. This feature of SCADA systems acts as both benefit
and disadvantage for the system that uses SCADA (Sajid, Abbas & Saleem, 2016). The
major disadvantage that is present in case of using this remote-control system is that with
the help of the remote system the imposters can gain access to the data that are being
processed in the SCADA system. Attackers steal endpoints of SCADA systems in order
to proclaim the system that is functioning (Lee, 2018)
Implementation of SCADA vulnerability scanner might act helpful in order to detect the
unauthorized access to the SCADA project. In case the SCADA vulnerability scanner is
implemented in the system notification will be provided in case unauthorized users log into the
systems
Frequency
The frequency at which the vulnerability of SCADA and ICSs is ought to happen are as
follows: -
1. Zero Day Vulnerability: Chances of occurrence of Zero Day Vulnerability is not
very high but the severity of the consequences on its occurrence is relatively high.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

5
VULNERABILITIES IN SCADA
2. Data base injection: Chances of occurrence of data base injection in a SCADA
system is relatively higher than that of Zero Day Vulnerability. The severity of
consequences is not as high as the consequence of Zero Day Vulnerability
3. Remote control: Chances of occurrence of remote control is very low. The main
reason of that the chances of occurrence of this aspect is low because the technology
that is required for performing this threat is very high end. The affect that it might do
to the entire system will be very high in case this problem arises.
Recommendations
The recommendations that will act helpful in order to perform the functioning in SCADA
system are as follows: -
 In case of the Zero Day Vulnerability prevention from this issue is better than searching
for cure procedures. Deploying of the incident response team for providing prevention in
case of Zero Day Vulnerability. With a team of trained individuals hired for protecting
the SCADA system the SCADA system stays protected
 Keeping the plug ins and the libraries updated are one of the main aspects that must be
taken into consideration as the updated versions are difficult to breach through. Not
sharing of the data base accounts among the different applications and the websites will
also act beneficial in preventing the data base injection. Validating the user supplied data
base information and audits will also act advantageous in this course
 Implementation of SCADA Vulnerability scanner will also help in better management of
the SCADA systems. With the help of the vulnerability scanner the benefit that is

6
VULNERABILITIES IN SCADA
enjoyed includes better notification provisioning regarding access of the data that are
present in the SCADA system.
Threat Creators:
1. Zero Day Vulnerability: Human factor
The main motive behind Zero Day Vulnerability is to destroy the entire SCADA system from
functioning and making the developers unable to rectify the issues
2. Data Base injection: Human factor
The main motive behind this issue is to make the data that are stored on the data base invalid and
corrupt the data that are present
3. Remote access: Human factor
The main motive behind occurrence of tis issue includes gaining of data in an unauthorized
manner and using the same against the genuine user.

7
VULNERABILITIES IN SCADA
References
Lee, C. (2018). Discovering Cyber Vulnerabilities in SCADA Control System via Examination
of Water Treatment Plant in Laboratory Environment. The UNSW Canberra at ADFA
Journal of Undergraduate Engineering Research, 9(1).
Ren, W., Yardley, T., & Nahrstedt, K. (2018, October). EDMAND: Edge-Based Multi-Level
Anomaly Detection for SCADA Networks. In 2018 IEEE International Conference on
Communications, Control, and Computing Technologies for Smart Grids
(SmartGridComm) (pp. 1-7).
Sajid, A., Abbas, H., & Saleem, K. (2016). Cloud-assisted IoT-based SCADA systems security:
A review of the state of the art and future challenges. IEEE Access, 4, 1375-1384.
Ullah, I., & Mahmoud, Q. H. (2017, December). A hybrid model for anomaly-based intrusion
detection in SCADA networks. In Big Data (Big Data), 2017 IEEE International
Conference on (pp. 2160-2167). IEEE.