SCADA security in the light of cyber-warfare

Computers and Security

Volumn 31, Issue 4, 2012, Pages 418-436

  Nicholson, A ^a   Webber, S ^a   Dyer, S ^a   Patel, T ^a   Janicke, H ^a  

^a DE MONTFORT UNIVERSITY   (United Kingdom)

Author keywords

Adversary classification; Cyber Warfare; SCADA; SCADA incidents; Security

Indexed keywords

CORPORATE NETWORKS; CYBER-ATTACKS; CYBER-WARFARE; INDUSTRIAL MANUFACTURING; ISOLATED SYSTEMS; MITIGATION STRATEGY; PUBLIC TRANSPORT; SCADA; SCADA INCIDENTS; SCADA SECURITY; SECURITY;

COMPUTER SCIENCE; SECURITY OF DATA;

SCADA SYSTEMS;

EID: 84861093550     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cose.2012.02.009     Document Type: Article

References (102)

1. ABB S.P.I.D.E.R. The open platform for horizontal and vertical integration of power control centres 1992 accessed on 21.03.11. URL: http://www05.abb.com/global/scot/scot349.nsf/veritydisplay/ edbeaa2150d639e1c125754d0049aea6/%24file/1mdb00007-en-en-s.p.i.d.e.r. -the-open-platform.pdf
2. ABB Inter-center communication (elcom) November 2001 accessed on 21.03.11. URL: http://library.abb.com/global/scot/scot221.nsf/veritydisplay/ edba65eca3d4a780c1256a6b003ebd28/$File/ELCOM%20Inter- Center%20Communication.pdf
3. ABB SPIDER sense for London underground November 2009 accessed on 21.03.11. URL: http://www.abb.co.uk/cawp/seitp202/ 2b32431a074bd48cc1256eef0040a58b.aspx
4. U.S. Abraham Final report on the August 14th blackout in the United States and Canada 2003 accessed on 10.04.11. URL: https://reports.energy.gov/ BlackoutFinalWeb.pdf
5. J. ADAMS Testemony of James Adams, chief executive officer, infrastructure defense inc March 2000 Committee on Governmental Affairs United States Senate
6. G. Baker Schoolboy hacks into city's tram system January 2008 Telegraph accessed on 10.04.11. URL: http://www.telegraph.co.uk/news/worldnews/1575293/ Schoo%Ωlboy-hacks-into-citys-tram-system.html
7. J. Barlow Inside cyber warfare Interface on the Internet 10 6 2010 URL: http://bcis.pacificu.edu/journal/article.php?id=708
8. BBC The Chernobyl disaster 2004 accessed on 30.03.11. URL: http://www.bbc.co.uk/dna/h2g2/A2922103
9. BBC News Caucasus foes fight cyber war 2008 accessed on 10.04.11. URL: http://news.bbc.co.uk/1/hi/world/europe/7559850.stm
10. BBC News Major cyber spy network uncovered 2009 accessed on 10.04.11. URL: http://news.bbc.co.uk/1/hi/7970471.stm
11. BBC News Profile: Gary McKinnon 2009 accessed on 10.04.11. URL: http://news.bbc.co.uk/1/hi/uk/7839338.stm
12. BBC News UK has cyber attack capability 2009 accessed on 10.04.11. URL: http://news.bbc.co.uk/1/hi/uk-politics/8118729.stm
13. J. Blau The battle against cyber terror December 2004 Computer World accessed on 10.04.11. URL: http://www.computerworld.com/s/article/97953/The- battle-against-cyberterror
14. E. Byres, M. Franz, and D. Miller The use of attack trees in assessing vulnerabilities in SCADA systems International infrastructure survivability workshop (IISW) 2004 IEEE
15. E. Byres, D. Leversage, and N. Kube Security incidents and trends in scada and process industries The Industrial Ethernet Book 39 2 2007 12 20
16. N. Cai, J. Wang, and X. Yu SCADA system security: complexity, history and new developments Industrial informatics, 2008. INDIN 2008. 6th IEEE international conference on 2008 IEEE 569 574
17. E. Chikuni, and M. Dondo Investigating the security of electrical power systems SCADA AFRICON 2007 2007 IEEE 1 7
18. Citect Software solutions for your industry 2009 accessed on 30.03.11. URL: http://www.citect.com/index.php?option=com-content&view=article&id= 1429&Itemid=1303
19. J. Clarke Stuxnet threat rings EU alarm bells October 2010 ZDNet accessed on 10.04.11. URL: http://www.zdnet.co.uk/news/security-threats/2010/10/08/ stuxnet-threat-rings-eu-alarm-bells-40090465/
20. S. Controls E.ON UK SCADA system for wind farm portfolio 2009 accessed on 10.04.11. URL: http://www.serckcontrols.com/pdfs/E-CS-E.ON.pdf
21. Core Security Wonderware suitelink denial of service vulnerability May 2008 accessed on 21.03.11. URL: http://www.coresecurity.com/content/wonderware
22. CPNI SCADA 2008 accessed on 21.03.11. URL: http://www.cpni.gov.uk/advice/ infosec/business-systems/scada/
23. CPNI Information exchanges 2011 accessed on 21.03.11. URL: https://www.niscc.gov.uk/Products/information.aspx
24. Cyber Warfare Frontline Mountain view 2003 accessed on 10.04.11. URL: http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/warnings/
25. DATAC Group Realwin scada system by realflex technologies ltd 2011 accessed on 21.03.11. URL: http://www.dataconline.com/software/realwin.php
26. Z. Davis Hole found in protocol handling vital national infrastructure 2007 accessed on 21.03.11. URL: http://www.physorg.com/news94025004.html
27. K. Doran SCADA certification program confirms professional skills 2005 Accessed on 21.03.11. URL: http://www.allbusiness.com/mining/support-activities- mining-support-oil/350245-1.html
28. N. Falliere, L.O. Murchu, and E. Chien W32.stuxnet dossier Symantec Security Response February 2011 accessed on 10.04.11. URL: http://www.symantec. com/content/en/us/enterprise/media/security-response/whitepapers/ w32-stuxnet-dossier.pdf
29. Federation of American Scientists Crs report for congress - cyberwarfare 2001 accessed on 10.04.11. URL: http://www.fas.org/irp/crs/RL30735.pdf
30. J. Fernandez, and A. Fernandez SCADA systems: vulnerabilities and remediation Journal of Computing Sciences in Colleges 20 4 2005 160 168
31. K. Finisterre The five ws of citect odbc vulnerability cve-2008-2639 2008 Packet Storm Security accessed on 30.03.11. URL: http://dl.packetstormsecurity. net/papers/attack/citectodbc-fivews.txt
32. Global Security Eligible receiver 2005 accessed on 10.04.11. URL: http://www.globalsecurity.org/military/ops/eligible-receiver.htm
33. S. Gold Look after your scada heart January 2009 accessed on 21.03.11. URL: http://www.infosecurity-us.com/view/659/look-after-your-scada-heart/
34. D. Goodin Elecrical supe charged with damaging california canal system November 2007 The Register accessed on 10.04.11. URL: http://www.theregister.co. uk/2007/11/30/canal-system-hack/
35. D. Goodin Gas refineries at defcon 1 as scada exploit goes wild 2008 The Register accessed on 10.04.11. URL: http://www.theregister.co.uk/2008/09/08/ scada-exploit-released/
36. D. Goodin Pro-palestine vandals deface army, nato sites 2008 The Register accessed on 10.04.11. URL: http://www.theregister.co.uk/2009/01/10/army-nato- sites-defaced/
37. D. Goodin Hackers demand 10m ransom for virginia medical data 2009 The Register accessed on 10.04.11. URL: http://www.theregister.co.uk/2009/05/05/ virginia-medical-records-extortion/
38. D. Goodin Hospital hacker arrested 2009 The Register accessed on 10.04.11. URL: http://www.theregister.co.uk/2009/07/01/hospital-hacker-arrested/
39. S. Gorman Electricity grid in U.S. penetrated by spies The Wall Street Journal April 2009 URL: http://online.wsj.com/article/SB123914805204099085.html
40. Government Accountability Office Cyber threat source descriptions 2009 accessed on 10.04.11. URL: http://us-cert.gov/control-systems/csthreats. html#hack
41. T. Greene Experts hack power grid in no time April 2008 Network World accessed on 10.04.11. URL: http://www.networkworld.com/news/2008/040908-rsa- hack-power-grid.html
42. M. Higgs Electrical SCADA systems from the operators perspective Human interfaces in control rooms, cockpits and command centres, 1999. International conference on 1999 IET 458 461
43. A. Hildick-Smith Security for critical infrastructure scada system 2005 URL: http://www.sans.org/reading-room/whitepapers/warfare/security-critical- infrastructure-scada-systems-1644
44. Idaho National Laboratory National SCADA test bed fact sheet 2007 URL: http://www.inl.gov/scada/factsheets/d/nstb.pdf
45. IEEE Ieee std c37.1 1994 accessed on 30.03.11. URL: http://www. 17799central.com/starting.htm
46. IEEE, and W. G. C. Ieee trial use standard for scada serial link cryptographic modules and protocol 2008 accessed on 21.03.11. URL: http://grouper.ieee.org/groups/sub/wgc6/documents/drafts/ P1711%20Draft%203%202008-08-16.pdf
47. V. Igure, S. Laughter, and R. Williams Security issues in scada networks Computers & Security 25 7 2006 498 506 (Pubitemid 44637241)
48. InfoSecurity Magazine Mi5 hires teenage hackers in fight against cyberterrorism 2009 accessed on 10.04.11. URL: http://www.infosecurity-magazine. com/view/4129/mi5-hires-teenage-hackers-in-fight-against-cyberterrorism/
49. IT Governance Iso27002 (iso 27002) code of practice for ism 2011 accessed on 21.03.11. URL: http://www.itgovernance.co.uk/products/138?gclid= CKΩbcu93A7Z0CFeZr4wodz1OoMg
50. W. Iversen Hackers step up scada attacks 2004 Automation World accessed on 10.04.11. URL: http://www.automationworld.com/webonly-898
51. Javvin TCP/IP network vulnerability and security May 2008 accessed on 21.03.11. URL: http://www.javvin.com/networksecurity/tcpipnetwork.html
52. G. Keizer Iran arrests 'spies' after Stuxnet attacks on nuclear program 2010 ComputerWorld accessed on 10.04.11. URL: http://www.computerworld.com/s/ article/9189218/Iran-arrests-spies-after-Stuxnet-attacks-on-nuclear-program
53. G. Keizer Is stuxnet the 'best' malware ever? 2010 ComputerWorld accessed on 10.04.11. URL: http://www.computerworld.com/s/article/9185919/Is-Stuxnet- the-best-malware-ever-
54. E. Knapp Industrial network security: securing critical infrastructure networks for smart grid, scada, and other industrial control systems 2011 Syngress
55. J. Leyden 'Chinese cyberspies' target energy giants February 2011 The Register accessed on 10.04.11. URL: http://www.theregister.co.uk/2011/02/10/ night-dragon-cyberespionage/
56. London Chamber of Commerce and Industry Rmt tube strike will cost London economy 48m August 2010 accessed on 21.03.11. URL: http://www.londonchamber.co. uk/lcc-public/article.asp?id=0&did=47&aid=4531&st=&oaid=-1
57. A. Matrosov, E. Rodionov, D. Harley, and J. Malcho Stuxnet under the microscope 2011 ESET accessed on 21.03.11. URL: http://www.go.eset.com/ resources/white-papers/Stuxnet-Under-the-Microscope.pdf
58. McAfee In the crossfire - critical infrastructure in the age of cyber war 2009 accessed on 10.04.11. URL: http://resources.mcafee.com/content/NACIPReport
59. McAfee Virtual criminology report 2009 URL: http://resources.mcafee.com/ content/NAMcAfeeCriminologyReport
60. R. McClanahan Scada and ip: is network convergence really here? IEEE Industry Applications Magazine 9 2 2003 29 36
61. R. Melton, T. Fletcher, and M. Earley System protection profile: industrial control systems October 2004 accessed on 21.03.11. URL: http://www.isd.mel.nist.gov/documents/stouffer/NISTIR-7176.pdf
62. J. Meserve Sources: staged cyber attack reveals vulnerability in power grid 2007 CNN accessed on 10.04.11. URL: http://articles.cnn.com/2007-09-26/us/ power.at.risk-1-generator-cyber-attack-electric-infrastructure?-s=PM:US
63. Microsoft Virus alert about the blaster worm and its variants 2007 accessed on 21.03.11. URL: http://support.microsoft.com/kb/826955
64. ModBUS ModBUS application protocol specification v1.1 2006 URL: http://www.modbus.org/docs/Modbus-Application-Protocol-V1-1b.pdf
65. P. Motta Pires, and L. Oliveira Security aspects of scada and corporate network interconnection: an overview Dependability of computer systems, 2006. DepCos-RELCOMEX '06. International conference on May 2006 127 134
66. E. Nakashima War games reveals u.s. lacks cyber-crisis skills 2010 The Washington Post accessed on 10.04.11. URL: http://www.washingtonpost.com/wp-dyn/ content/article/2010/02/16/AR2010021605762.html
67. J. Napolitano Secretarys web address on cybersecurity: a new challenge for our age - securing america against the threat of cyber attack October 2009 accessed on 10.04.11. URL: http://www.dhs.gov/ynews/gallery/gc-1256070988236. shtm
68. R. Naraine Inside stuxnet: researcher drops new clues about origin of worm September 2010 ZDNet URL: http://www.zdnet.com/blog/security/inside- stuxnet-researcher-drops-new-clues-about-origin-of-worm/7409
69. National Transportation Safety Board Report of pipeline accident pipeline rupture and release of gasoline, olympic pipeline company 2002 accessed on 10.04.11. URL: http://www.idc-online.com/technical-references/pdfs/ instrumentation/Deaths-could-have-been-prevented-by-SCADA.pdf
70. National Vulnerability Database Siemens hard coded password 2010 accessed on 21.03.11. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2772
71. M. Niland Computer virus brings down train signals August 2003 InformationWeek accessed on 10.04.11. URL: http://www.informationweek.com/news/ security/vulnerabilities/showArticle.jhtml?articleID=13100807
72. North American Electric Reliability Council Implementation plan for cyber security standards cip-002-1 through cip-009-1 2009 accessed on 21.03.11. URL: http://www.nerc.com/fileUploads/File/Standards/Revised-Implementation-Plan-CIP- 002-009.pdf
73. Nuclear Regulatory Commission NRC information notice: 2007-15: effects of ethernet-based, non-safety related controls on the safe and continued operation of nuclear power stations April 2007 Accessed on 10.04.11. URL: http://www.nrc.gov/reading-rm/doc-collections/gen-comm/info-notices/2007/ in200715.pdf
74. PA Consulting & NISCC Good practice guide: process control and scada security 2006 accessed on 21.03.11. URL: https://www.niscc.gov.uk/Docs/re- 20051025-00940.pdf
75. Pacific Northwest National Laboratory, U. D. o. E The role of authenticated communications for electric power distribution 2006 URL: http://www.truststc.org/scada/papers/paper34.pdf
76. A. Pallett Controlling the London underground power supply system under the power private finance initiative (pfi) Human interfaces in control rooms, cockpits and command centres, 1999. International conference on 1999 IET 452 457
77. D. Peterson Patching scada systems 2005 URL: http://www.controlglobal. com/articles/2005/369.html
78. K. Poulsen Slammer worm crashed Ohio nuke plant net 2003 The Register URL: http://www.theregister.co.uk/2003/08/20/slammer-worm-crashed-ohio-nuke/
79. J. Russell A brief history of scada/ems 2010 accessed on 30.03.11. URL: http://scadahistory.com/index.html
80. R. Santamarta Datac realwin 2.0 scada software - remote preaauth exploit marc.info 2008 accessed on 21.03.11. URL: http://marc.info/?l=bugtraq&m= 122244368732202&w=2
81. SCADA Honeynet Project Scada honeynet project: building honey pots for industrial networks 2003 accessed on 10.04.11. URL: http://scadahoneynet. sourceforge.net/
82. SCADASecurity.org Open scada security project 2009 accessed on 21.03.11. URL: http://scadasecurity.org/index.php/Main-Page
83. SecDev Group Tracking ghostnet: investigating a cyber espionage network 2009 accessed on 10.04.11. URL: http://www.nartv.org/mirror/ghostnet.pdf
84. Secunia Realwin infotag setcontrol packet processing buffer overflow 2008 accessed on 21.03.11. URL: http://secunia.com/advisories/32055/
85. Security Focus U.S. fears al qaeda cyber attacks 2002 accessed on 10.04.11. URL: http://www.securityfocus.com/news/502
86. J. Slay, and M. Miller Lessons learned from the maroochy water breach Critical infrastructure protection 2007 73 82
87. T. Smith Hacker jailed for revenge sewage attacks 2001 The Register accessed on 10.04.11. URL: http://www.theregister.co.uk/2001/10/31/hacker- jailed-for-revenge-sewage/
88. T. Smith Hacker jailed for revenge sewage attacks 2001 The Register accessed on 21.03.11. URL: http://www.theregister.co.uk/2001/10/31/hacker- jailed-for-revenge-sewage/
89. K. Stouffer, J. Falco, and K. Scarfone Guide to industrial control systems (ics) security 2008 accessed on 21.03.11. URL: http://csrc.nist.gov/ publications/nistpubs/800-82/SP800-82-final.pdf
90. Telent Ict services and solutions 2009 accessed on 10.04.11. URL: http://www.telent.com/files/Tubelines-0303-09LR.pdf
91. D. Teumim Industrial network security 2010 ISA
92. The Guardian Titan Rain - how Chinese hackers targeted Whitehall 2007 accessed 10.04.11. URL: http://www.guardian.co.uk/technology/2007/sep/04/news. internet
93. The White House Washington Critical infrastructure protection 1998 accessed on 21.03.11. URL: http://www.fas.org/irp/offdocs/pdd/pdd-63.htm
94. N. Thornburgh The invasion of the Chinese cyberspies August 2005 The Times accessed on 10.04.11
95. Tracemode.com Trace mode scada/hmi in control of the 1000 mw power-generating unit no. 1 at the kalinin nuclear power plant 2011 accessed on 30.03.11. URL: http://www.tracemode.com/apps/nuclear/
96. Training-classes.com Nerc cybersecurity solutions for cip 002-cip 009 2009 accessed on 21.03.11. URL: http://www.training-classes.com/publications/00/ 18/1848-nerc-cybersecurity-solutions-for-cip-002-cip-009.php
97. Trend Micro Stuxnet malware targeting scada systems 2010 accessed on 21.03.11. URL: http://threatinfo.trendmicro.com/vinfo/web-attacks/ Stuxnet%20Malware%20Targeting%20SCADA%20Systems.html
98. U.S.-Canada Power System Outage Task Force How and why the blackout began in Ohio 2004 accessed on 24.11.11. URL: http://www.nerc.com/docs/docs/blackout/ ch5.pdf
99. Wonderware Efficient production of diabetes product 2009 accessed on 21.03.11. URL: http://www.wonderware.co.uk/-files/cs-23-lifescan-scotland-ltd- 23.pdf
100. Wonderware Network rail - on track to a remote conditioned future 2009 accessed on 21.03.11. URL: http://www.wonderware.co.uk/-files/cs-14-network- rail?14.pdf
101. William F. Young, J.E. Stamp, and J.D. Dillinger Communication vulnerabilities and mitigations in wind power scada systems 2003 accessed on 21.03.11. URL: http://www.sandia.gov/wind/other/031649c.pdf
102. K. Zetter How digital detectives deciphered stuxnet, the most menacing malware in history 2011 URL: http://www.wired.com/threatlevel/2011/07/how- digital-detectives-deciphered-stuxnet/all/1