July 30, 2008
SCADA Security Incidents Will Become More Prevalent, According to Lumeta
SOMERSET, N.J., July 30 /PRNewswire/ -- Lumeta, the leading provider of Network Assurance solutions for enterprises and government agencies, today warned that, as industries connect their previously isolated Supervisory Control and Data Acquisition (SCADA) systems to their larger TCP/IP networks to gain better accessibility and to lower costs, they will also potentially subject these critical industrial controls to higher security risks. As connectivity becomes ever more ubiquitous throughout organizations, it is certain that more SCADA security incidents will occur and, given how much of the world's infrastructure they control, they could potentially have serious repercussions.
"SCADA systems need to be absolutely secure, given that they control some of our most vulnerable infrastructure, including gas pipelines, chemical plants and nuclear facilities," said Michael Markulec, chief operating officer at Lumeta. "Network management needs to know whether and how their SCADA systems connect to the larger corporate network so that these connections can be locked down. Because, as we've seen with recent incidents, it does not take a cyber attack to take out a power plant -- simple computer error will do the trick as well, if connections do not comply with policy."
For example, in March, the Hatch Nuclear Power Plant in Georgia went through an emergency shutdown as a result of a software update that was made on the plant's business network. The business network was in two-way communication with the plant's SCADA network and the update synchronized information on both systems. Reset after a reboot, the SCADA safety systems detected a lack of data and signaled that the water level in the cooling systems for the nuclear fuel rods had dropped, which caused an automatic shutdown. Engineers were aware of the two-way communication link, but they did not know that the update would synchronize data between the two networks.
There was no danger to the public, but any time an electric generation plant shuts down, the power company loses millions of dollars in revenue and has to incur the substantial expense of getting the plant back online - no small task for a nuclear facility. And the Hatch incident was only the latest in a string of accidents and unnecessary shutdowns whose cause was due to some problem on the network. The Browns Ferry nuclear plant in Alabama, for example, shut down in 2006 when a network traffic overload locked up pump controls.
In the case of Hatch Nuclear Power Plant, engineers chose to sever all physical connections between the SCADA and business networks.
"However, these engineers would be mistaken in thinking that the SCADA network is now safe without a regular assessment of connectivity to ensure that no connections between the SCADA network and the corporate network appear," commented Markulec. "TCP/IP networks are designed to make connectivity easy, and the ubiquity of today's corporate networks open up the possibility of someone inadvertently connecting SCADA to the larger network, with potentially disastrous consequences."
According to Markulec, the industry need not give up on the cost and management advantages of connecting their SCADA networks to the larger network. As long as they possess strong safety systems and conduct frequent and regularly scheduled network scans to understand the full scope of connectivity and to guarantee that all connections conform to security policy, critical infrastructure should not fall prey to unforeseen security risks such as network leaks.
About Lumeta Corporation
Lumeta empowers large enterprise and government agencies with global network visibility, allowing them to understand how network change affects security, availability, and compliance.
Lumeta's IPsonar is the industry's only network assurance solution that discovers and maps every asset on a network, including assets not currently under management. This capability enables IT professionals to analyze the connectivity between assets and networks, uncover risk patterns, and automate the enforcement of network policies.
With this level of network assurance, IT organizations can harden security, improve business continuity, and deploy new services without impacting its ability to deliver existing services.
For more information, visit the Lumeta Web site at http://www.lumeta.com/.
Lumeta, the Lumeta logo, IPsonar and the IPsonar logo are trademarks and service marks of the Lumeta Corporation. Other product and company names appearing in this document may be trademarks of their respective owners.
Media Contacts: Michael Aalto Davies Murphy Group 781-418-2416 [email protected]
CONTACT: Michael Aalto of Davies Murphy Group, +1-781-418-2416,[email protected], for Lumeta
Web site: http://www.lumeta.com/