SCADA Worm Case Study

It has been observed that the threats of cyber security have been on the rise. For this reason, there are focuses on the concerns on how systems that are responsible for managing the critical infrastructures that almost everyone depends on are put in place. It should be understood that essential infrastructure is used to mean assets that are essential for the society and the economy in overall to function.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

It should be noted that in this 21st Century, the world has been dominated by various forms of cyber communication. The threat of an imminent disaster in the name of cyber-attack is forthcoming. It is true that there are possibly severe global ramifications for such very complicated and sophisticated cyber-attack especially on the critical infrastructure systems of a country. The current incident of the Stuxnet worm attacks that resulted in significant damages to the uranium development facility located in Iran highlighted the realistic likelihood of the threats of this worm. Also Iran, where quite some filters were interfered with, many other organizations with similar equipment setup bore the brunt of the virus release (McMillian, 2010). This included a US-based energy and oil company, Chevron among other many organizations in nations like Indonesia, China, Pakistan, Germany and others.

In the United States, the Department of Security identified some infrastructure that was thought to be critical and therefore needed protection from such worm attacks. These were observed as the sensitive sectors as the networks, assets or services, disturbing which possibly would have severe negative repercussions on the government structures as well as citizens. These infrastructures that are deemed to be critical highly rely on hardware and software of computer programs for them to function efficiently. The introduction of the Stuxnet worm triggered apprehensions concerning the security and safety of several essential infrastructure facilities that are always controlled and monitored by supervisory control and data acquisition system. With the introduction of this supervisory control and data acquisition system, it is believed that this will profoundly help in the specific target of this SCADA worm (McMillian, 2010). This system will significantly control essential infrastructures both in energy and industrial sectors like nuclear facilities, oil and gas pipelines, and water treatment plants among others. Therefore, Stuxnet worm portends to weaken many activities that are fundamental to the necessary foundation of the current society. The resulting disruptions as a result of this worm could affect the government's ability to provide essential services that include national as well as international services.

Since this problem was realized, several experts have come on board to offer advice about how this problem can be dealt with, some with and others with no relevant control system knowledge. All these personalities are offering insights concerning how Stuxnet can be handled including attacks related to Stuxnet. It is worth mentioning that as much as no one solution has been identified to help block the attacks, it is true that combined measures that include policies and processes can profoundly help to minimize the adverse effects that are as a result of such attacks. To know the various ways and measures in advance that would help mitigate this problem should be based on excellent and depth strategy that tends to utilize independent and multiple layers of protection (Kerr et al., 2010). Undeniably, the Stuxnet project team agrees that as much as it will be possible to find faults in the solutions advised, it is going to be very difficult to realize and exploit problems in a complex solution that hinge on several protective measures. The mitigation procedure that has been proposed and used for some time now breaks the concept into two different phases. That is prevention and reaction.

It is advised that the first step of measures should be preventative and should, therefore, be made to reduce the likelihood that a control system could be vulnerable to such attacks. Another, which is equally essential mitigation measure is reactive, and the structures should be planned to reduce any possible adverse effects to the control system in any case the system becomes vulnerable to any worm attack (Karnouskos, 2011). It should be known that each of these countermeasures should have both the active and passive components that put into use the indirect as well as direct methods while responding to the specific attack event. The measures to counter this problem are then implemented in a real-time based on the results of the attack as well as the duration when the attack took place.

In looking at the levels of responsibilities between the private and public sectors in mitigating the threats, it is true that both sectors have shown almost equal concern regarding efforts that have been established to help mitigate the possible problems by the threats of this worm (Kerr et al., 2010). However, the government being a major stakeholder has shown more indications of the need to deal with the treat. This is because of the need by the government to protect its significant infrastructures with which it has heavily invested in. Both the systems are under attack. An example of such attacks is such as the one that was reported to have been organized by the hacking unit of China. It is believed that this group involved in the attacks that aimed at attacking a company using remote access to almost more than sixty per cent of oil and gas pipelines in the Northern parts of America. In any case, the attack was conducted; it could have had very far-reaching effects on the supply of energy as well as environment across the United States and Canada (Karnouskos, 2011). So basically, both the government and the private sectors have indicated dire concerns to put up measures that would help curb any threat that is posted on the infrastructure facilities within the United States.

It is wise to note that one of the most observed problems in the SACADA environment is the absence of its specific security policy. The following are some of the policy frameworks.

Personnel security policy-this looks into the affairs of workers where they will have different functions and security requirements compared to others on small IT network. The policy will help to express the job specifications and hiring policy for the SCADA staff.

Data security policy will, however, help in determining the treatment of the data categories that are defined in the in the security schedule.

Security policy on communication which helps to identify the paths which data takes through a network outlines protection mechanisms for various network sections, security zones as well as permissions on external connections.

Another policy framework is the platform security policy which will help to identify safe configuration problems that are needed within the system of SCADA.

It is true that when these entire policy frameworks are fully implemented, the threat of the attack of the SCADA worm will tremendously reduce.

References

Karnouskos, S. (2011, November). Stuxnet worm impact on industrial cyber-physical system security. In IECON 2011-37th Annual Conference on IEEE Industrial Electronics Society (pp. 4490-4494). IEEE.

Kerr, P. K., Rollins, J., & Theohary, C. A. (2010). The Stuxnet computer worm: Harbinger of an emerging warfare capability (pp. 7-5700). Washington, DC: Congressional Research Service.

McMillian, R. (2010). Iran was a prime target of SCADA worm. Computer World.