Attacks on SCADA systems are increasing
Over the first eight months of its current fiscal year (between October 2012 and May 2013), the ICS-CERT registered more attacks on internet-enabled SCADA systems than in the previous twelve months. According to its latest quarterly report, a total of 200 attempted intrusions were detected. The ICS-CERT said that more than half of the incidents affected the energy sector, while 17% targeted the manufacturing industry and 10% critical telecommunication networks.
According to the report, familiar techniques such as SQL injection and spear phishing were used for the attacks. In one incident at a gas compressor station in the US, the attackers unsuccessfully attempted to access the system's process control network using brute force attacks that originated from ten different IP addresses. Compressor stations prepare gas for being transported via pipelines. The report doesn't reveal where the attacks came from, but it highlights the importance of defence systems that can detect and prevent attacks on such critical networks.
(Uli Ries / sno)