Two decades of SCADA exploitation: A brief history

Since the early 1960s, industrial process control has been applied to electric systems. In the mid-1970s, the term SCADA emerged, describing automated supervisory control and data acquisition. Since most industrial and automation networks were physically isolated, security was not a concern. This changed in the early 2000s, when industrial networks were connected to the public internet. The reasons were manifold: increased interconnectivity led to more productivity, simplicity and ease of use, and it decreased the configuration overhead and the downtime required for system adjustments. However, it also exposed an abundance of new attack vectors. Recently, there has been a remarkable number of attacks on industrial companies and infrastructures. In this paper, known attacks on industrial systems are analysed by investigating the exploits that are available from public sources. The different types of attacks and their points of entry are reviewed. Trends in exploitation as well as targeted attack campaigns against industrial enterprises are introduced.
