1. Authentication
- Brute Force
- Insufficient Authentication
- Weak Password Recovery Validation
2. Authorization
- Credential/Session Prediction
- Insufficient Authorization
- Insufficient Session Expiration
- Session Fixation
3. Client-side Attacks
- Content Spoofing
- Cross-site Scripting
4. Command Execution
- Buffer Overflow
- Format String Attack
- LDAP Injection
- OS Commanding
- SQL Injection
- SSI Injection
- XPath Injection
5. Information Disclosure
- Directory Indexing
- Information Leakage
- Path Traversal
- Predictable Resource Location
6. Logical Attacks
- Abuse of Functionality
- Denial of Service
- Insufficient Anti-automation
- Insufficient Process Validation
|
|
SCADA Security
Supervisory Control and Data Acquisition (SCADA) systems are used for remote monitoring and control in the delivery of essential services/products such as electricity, natural gas, water, waste treatment and transportation. This makes SCADA systems an integral part of a nation’s critical infrastructure. They are also crucial to the continuity of business.
Issues that you need to be aware of when considering SCADA security:
- Recent changes in SCADA systems have exposed them to vulnerabilities that may not have existed before. For example, the switch from using leased telecommunications lines to public infrastructure ie. public CDMA and GSM networks, the use of commodity computers running commodity software and the change from proprietary to open standards have meant that vulnerabilities have been introduced into SCADA systems.
- Effective network design which provides the appropriate amount of segmentation between the Internet, the company’s corporate network, and the SCADA network is critical to risk management in modern SCADA systems. Network architecture weaknesses can increase the risk from Internet and other sources of intrusion.
- There are no mechanisms in SCADA to provide confidentiality of communications. If lower level protocols do not provide this confidentiality then SCADA transactions are communicated “in the clear” meaning that intercepted communications may be easily read.
- Many SCADA systems give little regard to security, often lacking the memory and bandwidth for sophisticated password or authentication systems. As a result there is no mechanism to determine a system user’s identity or if that user is authorized to access. This allows for the injection of false requests or replies into the SCADA system.
- SCADA systems often lack a session structure which, when combined with the lack of authentication, allow the injection of erroneous or rogue requests or replies into the system without any prior knowledge of what has gone on before.
The threat of electronic or physical attacks on SCADA systems could come from a number of different sources. Following are some examples of threat sources:
- insider attack from employees or ex-employees who are disgruntled or for any other reason are a possible security threat;
- organized crime may be driven by financial incentive to penetrate SCADA systems;
- genuine mistakes made as a result of lack of training, carelessness or an oversight;
- terrorists who may be seeking to add electronic attack to their existing capabilities;
- generic Internet threats such as worms, trojans and viruses that infect systems on the Internet can also affect SCADA systems when they use the same software and protocols. This may not be the result of a deliberate attack, SCADA systems may be infected merely because they can be.
- recreational hackers, crackers and virus writers motivated primarily by the challenge and a fascination with technology;
- script kiddies who are primarily untrained and yet have hostile or thrill-seeking
intentions towards almost anything connected to the Internet;.
- activists conducting publicity-seeking attacks; and
- corporate attackers that spy on competitors to gain a competitive advantage.
Experienced with implementing and monitoring Nazomi Guardian for monitoring of SCADA networks to establish the inventory and detect anomalous behavior, and attack signatures corelated with applicable vulnerabilities.
To receive your Free SCADA
Vulnerability Assessment for testing of one attack vulnerability of your choice, please submit your payment of $9999.00 for a second
vulnerability test.
B E T T E R: Please submit your payment of $19999.00 for a complete SCADA Vulnerability Assessment covering over 25 attack methods.
|