ICS & SCADA Systems: What Are They & How Do We Defend Them?

The first time I heard the SCADA acronym, it was associated with the Stuxnet worm that was discovered in 2010. If you haven’t heard about Stuxnet, it was a cyber worm that struck and crippled an Iranian nuclear facility that contained centrifuges used to manufacture weapons-grade uranium¹. The system targeted by Stuxnet was a Supervisory Control and Data Acquisition (SCADA) System. SCADA systems are mainly used to control production systems in factories, and they are vital for critical infrastructure. Trend Micro warned that weaknesses in SCADA systems could have grave real-world consequences², so it is critical that we learn how to secure and defend them.

In Cybrary’s beginner level ICS/SCADA Fundamentals course, Instructor Chris Kubecka does a great job of introducing students to the basics of Industrial Control Systems (ICS) protocols and SCADA systems, outlining the basics of ICS/SCADA protocols, and discussing the risks associated with ICS systems. This course consists of 3 guided modules designed to provide students with a solid background to understand the fundamentals of ICS/SCADA systems.

The introductory nature of this ICS/SCADA Fundamentals course makes it great for anyone who wants to learn more about ICS/SCADA systems, including but not limited to:

• Information Technology (IT) Program Auditor
• ICS Engineers
• Developers
• Electrical Engineers
• Digital Security Teams
• Security Control Assessor
• Cyber Policy and Strategy Manager
• Cyber Defense Infrastructure Support Specialist
• Executive Cyber Leadership

This course will answer some of the burning questions you probably have about ICS & SCADA systems, including:

• What are the differences between IT and ICS networks?
• Do IT and ICS use the same technology?
• Why is understanding ICS important?
• What are the risks and threats to ICS and SCADA networks?
• What are SCADA systems and how do we defend them?

In Module 1, the basics of ICS & SCADA systems are reviewed and outlined, an overview of what to expect in the course is provided, and the major differences between IT and ICS are discussed. Instructor Kubecka provides an overview of the trends, technologies, threats, and risks surrounding ICS systems. The importance of understanding ICS systems is discussed, and real-world scenarios are presented to help students understand the reality of the threats to ICS systems.

In Module 2, Instructor Kubecka goes into a little more depth to teach the students about ICS technology and proprietary and commonly used ICS protocols and provides an interesting review of an ICS cyberwar case study. Module 2 begins with an overview of the different types of ICS and the major ICS components & architecture. The module continues with a lesson on the different levels of ICS networks and a discussion about why ICS is so important. The everyday usage of ICS technology is discussed, and the major security considerations are discussed. Instructor Kubecka provides an introduction and overview of Modbus and BACnet protocols and goes into some detail about how they function. Module 2 continues with the review of an ICS Cyber War Case Study that was based on real-world situations that leveraged ICS SCADA systems. This case study discussion provided a unique level of insight that brought a realistic picture of the threats to ICS SCADA systems to this course.

Module 3 includes common questions and a summary of the course. This module provides an overview of what was learned in the course, including why ICS is a critical function, the general differences between IT & ICS networks and real-world risks to critical infrastructure. ICS SCADA systems drive our world, and we must understand these systems and understand how to defend them.

References

1. Farwell, J. &. (2011). Stuxnet and the future of cyberwar. Survival, 53(1), 23-40. doi:10.1080/00396338.2011.555586

2. Trend Micro (2019, December 16). One Flaw too Many: Vulnerabilities in SCADA Systems. Retrieved from https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/one-flaw-too-many-vulnerabilities-in-scada-systems