The hacks will be taken seriously only after a major brand is attacked

Nov 25, 2011 10:32 GMT

Experts believe that the recent attacks on the SCADA systems of the water utilities in South Houston and Illinois are just a small fragment of what's about to happen if companies fail to properly secure their networks.

According to SC Magazine, Sourcefire's technical director, Dominic Storey, believes that the only way to efficiently prevent hacking operations that could cost businesses large sums of money is to implement intrusion detection systems (IDS).

“The thermal stress caused the damage [to the water pump in the first attack]; this is something we talk about when customers deploy intrusion prevention systems (IPS). It cannot determine an advanced persistent threat (APT) as, once it is in, it is largely useless, so that is where intrusion detection systems (IDS) help through anomaly detection analysis,” he said.

He claims that SCADA systems in many cases rely on old Windows platforms that are full of security weaknesses, which is why a proactive approach to protecting them is needed. The organizations that host these systems should treat them as a third network and protect them accordingly.

“Focus on protecting, know what the devices are and have a back-up plan if you cannot detect something with a rule. Put together you have a pragmatic solution. A lot of people think of SCADA as power and water, but think about a manufacturer like Heinz, Guinness or DHL; if their system breaks down or is compromised, it is a huge issue,” Storey added.

In his opinion, no one will take the matter seriously until a major brand is hit. That will be the turning point that makes other companies see these attacks as real threats.

Unfortunately, the way things are going, at a time when companies protect their assets with only three-character passwords, such a cyberattack may come sooner than most can imagine.