SCADA Hack Uncovered

Friday, May 30, 2014 @ 05:05 PM gHale

Just around five years ago, a university researcher and his assistant were able to dig deep into systems and nab a hacker who ended up arrested and convicted and is still serving time in a federal prison.

That is why Dr. Ray Vaughn, vice president for research at The University of Alabama in Huntsville (UAH), knows that industrial systems that control elevators, heating and cooling systems, and water treatment plants, among others, just don’t seem all that glamorous and are often a low priority and an easy mark.

That’s exactly why they are so vulnerable to takeover by hackers, Vaughn said. He knows that all too well.

Prior to coming to UAH, while at Mississippi State, Vaughn and a research assistant helped nab one bad guy.

“In 2009, my graduate student and I identified a hacker who went by the pseudonym of ‘Ghost Exodus’ and had posted evidence on public websites of his exploits in penetrating and manipulating a SCADA (Supervisory Control and Data Acquisition) system located within a hospital in the Dallas, Texas, area,” Vaughn said. “This individual was also the leader in a hacker group by the name of the Elektronic Tribulation Army (ETA) and was staging a botnet for a widespread denial of service attack on government systems.”

Ultimately, the pair identified the first industrial control systems (ICS) hacker convicted and jailed in the United States. He is currently serving seven years in a federal prison for implanting malicious code and manipulating a control system to operate an HVAC system within a hospital.

“Through my experience in this area, I have seen firsthand how vulnerable this sector really is,” Vaughn said. “I believe that there have been many SCADA system vulnerabilities published and that the likelihood of an attack will continue to increase until reliable protection strategies can be put in place.”

People often don’t think of control systems as computer systems, Vaughn said, but they are.

“They have different network protocols and they are often very small with limited computational capability, but they can also be manipulated through malicious attack and they are subject to denial of service attacks, replay attacks, protocol mutation attacks and others.”

These systems control critical infrastructure such as power grids, water systems, gas pipelines, dams and other applications that the nation depends on, so an attack against them can affect large populations or, worse, cause a loss of confidence in the utility or government’s ability to operate safely.

“Since 2007, I have been engaged in the research reported in this presentation and have demonstrated both significant and exploitable vulnerabilities and also strategies that are plausible, affordable and reasonable to prevent or mitigate such attacks,” Vaughn said.

Since arriving at UAH, a National Center of Academic Excellence in Information Assurance Education, Vaughn has been working to establish full scholarships to study cyber security, with funding expected from the National Science Foundation’s Scholarship for Service (SFS) program. The scholarships pay for tuition, reimburse health insurance up to a maximum of $2,000 a year, reimburse books up to $1,000 a year and pay for professional development travel up to $3,000 a year.

While at Mississippi State, in 1997 Dr. Vaughn founded and directed the Critical Infrastructure Protection Center there. The center received support from the Department of Homeland Security (DHS) as an outreach effort to operators of the nation’s critical infrastructure. The center supported training activities and research, primarily focused in the area of industrial control system security.

ICS research at UAH and other universities strives to develop new solutions, understand the problem set and engage students in the research effort.

“I believe we have a special obligation here at UAH due to our high concentration of Dept. of Defense and government work. To further this research, UAH has acquired a highly specialized industrial control systems laboratory for research purposes in which I hope to partner with industry,” Vaughn said. “I think this research is an excellent area to work in and will help UAH move more into weapons system vulnerability analysis, medical device security and automotive system security.”

Vaughn’s top 10 concerns about industrial systems:
• Controlling software often has flaws
• No forensics trail
• No third party validation
• Protocols are not standard or robust
• Lack of cyber security tools for prevention, detection and response
• Lack of awareness training in the industrial control systems community
• Lack of vulnerability assessments in critical infrastructure ICS
• Lack of information sharing
• Research facilities and funding are lacking
• Educational opportunities for industrial engineers and information technology (IT) specialists in this area
