Recently, the evil hackers have stepped up their assault with the design of viruses designed specifically to attack and exploit industrial control systems, including the Stuxnet worm specifically written to attack Supervisory Control and Data Acquisition (SCADA) systems, and, according to reports, Siemens control systems in particular.
As a result, you need to step up your efforts to secure your systems. How do you go about it? Start with the advice in this recent article in Industry Week that gives you five keys to keep your industrial control system secure.
- Develop Security Awareness
Viruses don’t just come from the internet. They also come from flash & USB drives that were infected on another computer. Be sure to install end-to-end anti-virus solutions and only copy / run new software after it has been scanned and determined to be virus free.
- Do a Risk Assessment
Determine the risk posed by each organizational system and lock it down appropriately. Mission critical systems or systems that control dangerous process or use dangerous materials should be locked down, and, if at all possible, taken completely off the internet.
- Find the Legacy Systems
Some of these systems might be so old that they are no longer supported. As a result, they’ll be especially vulnerable to new exploits as there will be no future patches to plug the holes and newer AV products will not support the legacy systems.
- Triple Lock-down the Wireless Networks
Now that Blackberries, iPhones, and Android devices can be used to control your network, the last thing you want is an open network that anyone with the right software and a mobile smartphone can use to log in locally and take control.
Talk to the IT people and keep abreast of the emerging security issues and have a plan to deal with them before they have their way with you.
Then do the following:
- Lock down any output/display-only devices tighter than Fort Knox.
Disable the USB / external drives, prevent installation of unauthorized programs downloaded over the internet, and make sure the approved anti-virus/anti-spyware programs can’t be disabled. It won’t prevent every threat, but it will prevent known threats from getting in and making more holes that other threats could exploit.
- Do a regular security audit at least quarterly.
You can’t just update your anti-virus programs once a year and assume everything is A-OK. Every install, every update, every new machine and new device is a risk. While you don’t need to go psycho and lock everything down and run a level 5 security threat assessment every week, you should run a basic set of scans and penetration tests once a quarter to make sure you or your staff haven’t inadvertently opened the back door wide open.