News & Events

SCADA systems are open to attack and viruses, falling outside standard IT protection

Photo of Phil Black - PII Editor Phil Black - PII Editor Follow on X Send an email 27/07/2010
84 1 minute read
Listen to this article

As Siemens announces an attack on its SCADA system by the Stuxnet virus, other automation specialists are urged to review their control-system-security as many will not be protected.

26th July 2010 – SCADA systems are firmly on the target list for criminals, hackers and virus distributors as the Siemens’ SCADA security breach hits the headlines. And, according to a leading Data Defence specialist, it is an indication of how at risk the manufacturing, infrastructure and engineering industries are.

David Robinson, UK and Ireland country manager, Norman Data Defense said: ‘If an organisation the size of Siemens can see its control systems come under attack, then that shows how ‘at risk’ many other organisations that operate these systems are.’ 

The Siemens security breach was reportedly caused by the Stuxnet virus being carried on a USB memory stick. This new type of virus has a boot file built-in. This activates as soon as the memory stick is powered up on insertion into a USB port. But, warns Robinson, who has fifteen years experience working with companies such as Mistubishi, Rockwell and Intelluition working on SCADA and plant intelligence software: ‘it’s not just memory sticks that are putting these systems at risk.’

‘These days anyone with a laptop or a device that connects remotely to a wireless network inside a company’s firewall, is putting that company at risk. It will just be a matter of time before Stuxnet is evolved to wreak havoc on control systems and any other system that the user connects to if their laptop or portable device is infected.’

Norman Data Defense recently carried out research among ordinary workers and found that over half of people surveyed are more cautious with security issues when using their own PC/laptop that they are with their work one. And over three quarters of people would expect a pop up to appear on their screen to alert them to a breach of security which of course is not always going to happen.

Microsoft has issued patches to help users on Windows systems to protect themselves against Stuxnet, but, warns Robinson: ‘My fear is that, with patch management protocols rarely in place in a control system environment, these warnings will go unheeded.’

Photo of Phil Black - PII Editor Phil Black - PII Editor Follow on X Send an email 27/07/2010
84 1 minute read
Show More

    Would you like further information about this article?

    Add your details below and we'll be in touch ASAP!


    Input this code: captcha

    Photo of Phil Black - PII Editor

    Phil Black - PII Editor

    I'm the Editor here at Process Industry Informer, where I have worked for the past 17 years. Please feel free to join in with the conversation, or register for our weekly E-newsletter and bi-monthly magazine here: https://www.processindustryinformer.com/magazine-registration. I look forward to hearing from you!
    Back to top button
    PII logo

    Read our latest issue here

    Join 25,000 process industry specialists and subscribe to:

    • Process Industry Informer bi-monthly magazine
    • Process Industry Update weekly E-newsletter
    • And our regular Podcast and Webinars
    Yes, Sign Me Up!

    PII has a global network of suppliers ready to help...