State of SCADA Security Worries Researchers
Recent reports painted a bleak picture of the security issues plaguing industrial control systems, but the situation is exacerbated by the fact that administrators are naïve about the dangers, researcher said.
Researchers presented some alarming findings about the state of security for supervisory control and data acquisition systems at the Kaspersky Security Analyst Summit on Feb. 3. SCADA systems are used across varied industries such as oil, water systems, electric grids, controlling building systems, and the basic security model underlying these systems is completely inadequate, they said.
Two researchers decided to try to find 100 bugs in 100 days in industrial control system software, Terry McCorkle, an industry researcher, told attendees at the conference. As they began their research, it quickly became evident the team had underestimated the severity of the problem. "Ultimately, what we found is the state of ICS security is kind of laughable," McCorkle said.