SCADA Checkup Thursday – CHECKLIST

Following up on the recent Water Treatment SCADA system hack in Florida last week, below is a very quick list of steps you can take TODAY to start on the road of securing your SCADA and overall Operational Technology (OT) infrastructure through a risk assessment.

Short Term

  1. Disable remote access software and provide access only when required.
  2. Check your physical security. Can someone just walk up to your SCADA PC and perform system changes?
  3. Make a list of everyone that has access to your system.
  4. Use unique usernames and passwords.
  5. Enable two-factor authentication.
  6. Perform a quick survey of your facility. Are you aware of all the systems that can provide remote access? Are there cellular modems installed or vendors that have their own remote access system? Do you know where all your Industrial Control Systems (ICS) are?
  7. Update your remote access software. Be careful of blindly updating Windows or SCADA software on a live system, there may be conflicts that should be checked first.

What is a Long Term Solution?

Every system is unique and every facility has different budget constraints to meet their Cyber Security objectives. To determine the best course of action, you must perform a system assessment and develop a plan that identifies your risks, helps you determine your risk tolerance and builds a plan (and budget) to deploy a solution. Below is a recommended starting point as you improve your system security.

  1. Perform a Risk Assessment. Contact us today!
  2. Update your documentation.
  3. Add a firewall and configure it to restrict inbound AND outbound connections.
  4. Setup a method of logging your firewall and access controls.
  5. Schedule migration of Windows XP and Windows 7 machines.

Microsoft has discontinued support for Windows XP and Windows 7 as of April 8, 2014 and January 14, 2020 respectively. See the quote below from the Microsoft Website

What happens if I continue to use Windows 7? If you continue to use Windows 7 after support has ended, your PC will still work, but it will be more vulnerable to security risks and viruses. Your PC will continue to start and run, but will no longer receive software updates, including security updates, from Microsoft.

Other Articles on our website

Cyber Physical Engineering – Oldsmar Water Treatment Hack

Outside Links

https://pcsoweb.com/21-015-detectives-investigate-computer-software-intrusion-at-oldsmar’s-water-treatment-plant

https://arstechnica.com/information-technology/2021/02/computer-intruder-tried-to-poison-drinking-water-for-a-small-florida-city/

https://arstechnica.com/information-technology/2021/02/breached-water-plant-employees-used-the-same-teamviewer-password-and-no-firewall/

https://www.mass.gov/service-details/cybersecurity-advisory-for-public-water-suppliers

News Conference on Youtube

Reference to utilization of shared TeamViewer Password

https://apnews.com/article/water-utilities-florida-coronavirus-pandemic-utilities-882ad1f6e9f80c053ef5f88a23b840f4

Sitemap

Latest Posts

Contact Us

Follow Us

Our Location

ICI Electrical Engineering Ltd.
© 2023 ICI Electrical Engineering Ltd. - Website development assistance by River City Design