SCADA Checkup Thursday – CHECKLIST
Following up on the recent Water Treatment SCADA system hack in Florida last week, below is a very quick list of steps you can take TODAY to start on the road of securing your SCADA and overall Operational Technology (OT) infrastructure through a risk assessment.
- Disable remote access software and provide access only when required.
- Check your physical security. Can someone just walk up to your SCADA PC and perform system changes?
- Make a list of everyone that has access to your system.
- Use unique usernames and passwords.
- Enable two-factor authentication.
- Perform a quick survey of your facility. Are you aware of all the systems that can provide remote access? Are there cellular modems installed or vendors that have their own remote access system? Do you know where all your Industrial Control Systems (ICS) are?
- Update your remote access software. Be careful of blindly updating Windows or SCADA software on a live system, there may be conflicts that should be checked first.
What is a Long Term Solution?
Every system is unique and every facility has different budget constraints to meet their Cyber Security objectives. To determine the best course of action, you must perform a system assessment and develop a plan that identifies your risks, helps you determine your risk tolerance and builds a plan (and budget) to deploy a solution. Below is a recommended starting point as you improve your system security.
- Perform a Risk Assessment. Contact us today!
- Update your documentation.
- Add a firewall and configure it to restrict inbound AND outbound connections.
- Setup a method of logging your firewall and access controls.
- Schedule migration of Windows XP and Windows 7 machines.
Microsoft has discontinued support for Windows XP and Windows 7 as of April 8, 2014 and January 14, 2020 respectively. See the quote below from the Microsoft Website
What happens if I continue to use Windows 7? If you continue to use Windows 7 after support has ended, your PC will still work, but it will be more vulnerable to security risks and viruses. Your PC will continue to start and run, but will no longer receive software updates, including security updates, from Microsoft.