SCADA/ICS Systems

Have you ever wondered how electric grids, oil, gas, water, and energy systems can be shut down? These are examples of SCADA/ICS systems, which stand for Supervisory Control and Data Systems and ICS stands for Industrial Control, Systems Today, in my class I learned about the importance of safeguarding these systems. Let's explore the three most notable SCADA/ICS attacks:

• Stuxnet- The most famous SCADA/ICS attack in history, this attack focused upon the Seimens PLC controllers used at the Iranian uranium plant at Natanz. Stuxnet, built by the NSA and was used to slow the Iranian nuclear program.

• Triton/Triconex- The Triton/Triconex malware was first found in December 2017 on the industrial control systems of a Saudi petrochemical facility. What makes this malware stand out is that is designed to kill people. This malware infects the safety control systems (SIS) built by Schneider Electric that are designed to shut down these facilities in the event of an accident.

• BlackEnergy3- Blackenergy3 was malware that was re-purposed to attack the electrical grid of Ukraine in 2014. Originally developed as a DDoS tool, Blackergy3 was re-purposed to enable the attacker to access systems within an electrical utility in the Ukraine.

There are so many other examples of these types of attacks. SCADA/ICS systems are the most important systems to any economy. However, it’s funny because they are the least protected systems that run on 1970s - 2000s hardware and software. Any type of Cyberwar between countries will include the drive to disable these systems to harm and halt the economy. It’s not surprising that these attacks go unreported because if normal people find out how insecure these systems are it would cause harm.