SCADA Vulnerable to Cyber Attack and EMPs

Originally posted May 25, 2012.

Have you heard the term SCADA? An event affecting SCADA—Supervisory Control and Data Acquisition systems—is potentially one of the worst threats America faces. The EMP Commission Report referred to SCADA as “critical elements in every aspect of every critical infrastructure in the Nation.” The commission highlighted SCADA as vulnerable to EMP attack. But cyber-attack is another route to these vital systems.

SCADA Systems Control Everything

SCADA control everything—electricity, water, sewage, traffic lights, trains, phones, corporate computer systems, procurement systems, billing systems, oil and gas pipelines and more. A widespread SCADA attack could wreak havoc. The Congressional Research Service described a worst-case scenario as the combination of a physical attack and an attack on SCADA systems:

This use of cyber-terrorism could result in an amplification of the physical attack’s effects. An example of this might be a conventional bombing attack on a building combined with a temporary denial of electrical or telephone service. The resulting degradation of emergency response, until back-up electrical or communication systems can be brought into place and used, could increase the number of casualties and public panic.

SCADA Have Already Been Attacked by Cyber Threats

Cyber-attack threats to SCADA systems have already been realized. The well-known Stuxnet virus that apparently set back Iranian uranium enrichment systems targeted the systems’ SCADA controls. Viruses like Stuxnet get between systems and their controllers. The controllers believe everything is fine. Meanwhile the systems are given directions to go haywire. An HP TippingPoint analysis of Stuxnet explained the process like this:

A malicious Stuxnet DLL file intercepted commands and replaced them with its own destructive commands. To prevent detection, it disabled automated alarms and masked what was happening to the PLCs by intercepting communications between computers. It literally stripped away any signs of an infection, so workers monitoring the SCADA system could only see legitimate commands and operation.

SCADA Attacks May Have Exacerbated the 2003 Blackout

In the report quoted above, the CRS indicated that the Blaster worm could have exacerbated the 2003 blackout in the Northeast. That outage cost up to $10 billion in the U.S., according to the U.S.-Canada Power System Outage Task Force setup to investigate the outage. According to the NRC, computers at the Indian Point nuclear power plant were compromised and “various computer systems had to be removed from service, including the Critical Function Monitoring System, the Local Area Network, the Safety Assessment System/Emergency Data Display System, the Digital Radiation Monitoring System and the Safety Assessment System.”

According to the GAO, in January of 2003 another virus named Slammer “infected a private computer network at the Davis-Besse nuclear power plant in Oak Harbor, Ohio, disabling a safety monitoring system for nearly 5 hours. In addition, the plant’s process computer failed, and it took about 6 hours for it to become available again. Slammer reportedly also affected communications on the control networks of other electricity sector organizations by propagating so quickly that control system traffic was blocked.”

What Can You Do to Prepare for a Cyber-Attack?

These are SCADA system attacks, carried out here in the U.S.A. What can you do to prepare for a possible cyber-attack on U.S. SCADA systems? Read Dick Young’s “EMP Threat: Be Prepared.” The effects of an EMP or cyber-attack would be similar. Prepare yourself and your family by keeping extra food and water on hand. Review the other steps Dick Young lays out in his piece on EMP attack preparation.