Public Water Control System Attacked

Joe Weiss recently reported on the possible hacking of a public water SCADA system, apparently in Illinois. This attack, if it was an attack, caused damage to a pump by turning it on and off repeatedly.

It seems obvious that this situation is going to be repeating itself more and more. If you’re a company with industrial control systems, or you provide control system services, now’s a great time to start thinking about your control system security strategy. Do you have the necessary skills on staff? If not, where are you going to source them from?

2 thoughts on “Public Water Control System Attacked

  1. AJ

    Whoever designed that control system, they should cake care of too frequent on-off-on-off at PLC level, shouldn’t they?

  2. Scott Whitlock Post author

    @AJ – Normally there are such safeties in place, but if someone is gaining access to the system remotely, you don’t really know at what level they’re at in the control system. Most PLC’s will let you read and write memory locations (tags) without any kind of authentication. Even locking the PLC program with a password is usually implemented in the PLC progarmming software, not in the PLC itself. Reading and writing program data is normally still possible even if the PLC is locked or the key switch is set to RUN mode – it only prevents you from modifying the program, not the data.

    Additionally, how many times is the PLC programming software installed on the same PC as the SCADA software? On smaller installations, that’s common. That means if you have access to the SCADA PC, you have to assume you have access to every piece of hardware on that network.

    I think the point here is that no outside person should be allowed to even remotely monitor a system like this, let alone mess with the control inputs.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.