Cyber-attacks on industrial control systems doubled in 2014, Dell warns
Annual threat report shows escalation in campaigns against power plants, factories, refineries
Cyber-attacks on supervisory control and data acquisition (SCADA) systems doubled in 2014 as compared with the previous year, according to a Dell report released today.
Industrial operations use SCADA systems to control remote hardware and collect data on performance. According to Dell, attacks against such systems are on the rise, and tend to be political in nature as they target operational capabilities within power plants, factories, and refineries.
The majority of SCADA attacks were in Finland, the UK, and the US. Dell suggested that the reason for this concentration may be that SCADA systems are more common in these regions and more likely to be connected to the Internet. Buffer overflow vulnerabilities continue to be the primary point of attack.
"Since companies are only required to report data breaches that involve personal or payment information, SCADA attacks often go unreported," said Patrick Sweeney, executive director, Dell Security. "This lack of information sharing combined with an aging industrial machinery infrastructure presents huge security challenges that will to continue to grow in the coming months and years."
Dell's annual Threat Report uses data gathered by Dell's Global Response Intelligence Defence (GRID) network and telemetry data from Dell SonicWALL network traffic. The report analyses the most common attacks observed in 2014 and makes predictions on how emergent threats will affect organisations throughout 2015.
Findings other than those related to SCADA include: a rise in point-of-sale (POS) malware variants; attacks against payment card infrastructures targeting retail organisations; and an increase in attacks via SSL/TLS encrypted traffic, which allow perpetrators to "hide in plain sight".
"Everyone knows the threats are real and the consequences are dire, so we can no longer blame lack of awareness for the attacks that succeed," said Sweeney. "Hacks and attacks continue to occur, not because companies aren't taking security measures, but because they aren't taking the right ones."