Is your company’s SCADA (Supervisory Control and Data Acquisition) system at risk? You bet it is!
What is SCADA and Why is it at Risk?
There are 3 primary risk factors for SCADA systems:
- Emergence of smart technology
- The ever-increasing globalization of the economy
- The overall increase in the number, motivation, and sophistication of hackers
As you may or may not know, SCADA systems are used by electric utilities to monitor high voltage transmission systems. They interface with other systems to create intelligence that can be used to facilitate well-informed operational decisions. Unfortunately, because of this deep level of systemic integration, a problem with any one component can cause a domino effect that can cause system-wide failure. This is essentially what caused the 2003 Northeast Blackout.
SCADA systems are also being increasingly integrated with smart technology, which is both a blessing and a curse in the sense that this improves functionality but also increases cybersecurity risk. The most glaring example is the 2015 Ukrainian cyber-attack caused by crash override malware, but even here in the U.S. we’ve seen attacks on electric and water utilities and dams.
What is Being Done About It?
Several governmental agencies – Office of the Director of National Intelligence, Department of Homeland Security, Department of Energy, FERC, and a variety of state entities – are working on mitigation strategies and tactics. Unfortunately, this not a quick, inexpensive or easy fix, because the cyber threat profile is in a state of constant flux as new hacking schemes and players continuously move into and out of the “game.”
The good news is that there clearly is a substantial awareness of the risk, and a lot of very smart people are working long hours to come up with potential solutions to shore up our SCADA systems and networks. We just need these brainiacs to hurry up a little!