A SCADA (supervisory control and data acquisition) network contains computers and applications that help provide essential services and commodities such as gasoline, electricity, natural gas, water, waste treatment and transportation to all Americans. Because these networks are critical to national security, they require protection from the threats present in cyberspace. SCADA networks are widely used, but they are very weak at securing the information they handle, and a compromised SCADA network can cause harm that results in public safety concerns.
There are 21 steps to improve cyber security in SCADA networks:
1) Identify all connections to the SCADA network.
2) Disconnect unnecessary connections to the SCADA network.
3) Evaluate and strengthen the security of any remaining connections to the SCADA network.
4) Harden SCADA networks by removing or disabling unnecessary services.
5) Do not rely on proprietary protocols to protect your system.
6) Implement the security features provided by the system and system vendors.
7) Establish strong controls over any medium that is used as a backdoor into the SCADA network.
8) Implement internal and external intrusion detection systems and establish 24-hour-a-day incident monitoring.
9) Perform technical audits of SCADA devices and networks, and any other connected networks, to identify security concerns.
10) Conduct physical security surveys and assess all remote sites connected to the SCADA network to evaluate their security.
11) Establish SCADA red teams to identify and evaluate possible attack scenarios.
12) Clearly define cyber security roles, responsibilities and authorities for managers, system administrators and users.
13) Document the network architecture.
14) Establish a rigorous and ongoing risk management process.
15) Establish a network protection strategy.
16) Clearly certify cyber security requirements.
17) Establish an effective configuration management process.
18) Conduct routine self-assessments.
19) Establish system backups and disaster recovery plans.
20) Senior organization leadership should establish expectations for cyber security performance.
21) Establish policies.
Among these 21 steps to improve cyber security in a SCADA network, the 8th step is to IMPLEMENT INTERNAL AND EXTERNAL INTRUSION DETECTION SYSTEMS AND ESTABLISH 24-HOUR-A-DAY INCIDENT MONITORING.

The security scanner can correlate events from a wide variety of network intrusion detection systems (NIDS). The correlation includes real-time vulnerability-to-event correlation, such that only intrusion detection events which target vulnerable servers are alerted on. It also includes per-asset analysis, such that all IDS events going to or from a particular asset group are considered; this makes analysis of any threat to a specific SCADA network much easier. Lastly, the log correlation engine (LCE) can also accept logs from many different NIDS as well as other sources of data, including netflow, network monitoring, firewall logs and application logs. The LCE performs anomaly detection on the logs and searches for changes in behaviour which traditional NIDS miss.

As a real-world example of IDS and NIDS: intrusion detection systems can be used to protect networks from attack traffic using signature-based detection. A network-based IDS monitors packets on the network and compares them with predetermined attack patterns known as signatures. This can be used in organizations. In our houses we use intrusion detection in the form of alarms: if an intruder enters the house, we get an alarm signal, which makes the owner of the house careful and alert.
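An added example (not part of the original answer) of the vulnerability-to-event correlation and per-asset-group analysis described above. The host addresses, asset groups, signature names and vulnerability ids are constructed placeholders, and `correlate` and `events_by_group` are hypothetical helpers, not the API of any scanner or log correlation product.

```python
from collections import defaultdict

# Constructed sample data (documentation-range IPs, placeholder ids).
# Scanner results: host -> vulnerability ids found on that host.
VULNS = {
    "192.0.2.10": {"VULN-A"},            # HMI server, unpatched
    "192.0.2.11": set(),                 # historian, patched
    "192.0.2.20": {"VULN-A", "VULN-B"},  # engineering workstation
}
# Asset groups: group name -> member hosts.
ASSET_GROUPS = {
    "scada-control": {"192.0.2.10", "192.0.2.11"},
    "engineering": {"192.0.2.20"},
}
# IDS events from two sensors; "vuln" is the vulnerability the signature
# relates to, or None for a purely informational signature.
FIELDS = ("sensor", "src", "dst", "sig", "vuln")
EVENTS = [dict(zip(FIELDS, row)) for row in [
    ("nids-1", "198.51.100.7", "192.0.2.10", "sig-1001", "VULN-A"),
    ("nids-1", "198.51.100.7", "192.0.2.11", "sig-1001", "VULN-A"),
    ("nids-2", "192.0.2.20",   "192.0.2.10", "sig-2002", "VULN-B"),
    ("nids-2", "203.0.113.5",  "192.0.2.20", "sig-2002", "VULN-B"),
    ("nids-1", "198.51.100.7", "192.0.2.11", "sig-3003", None),
]]

def correlate(events, vulns):
    """Vulnerability-to-event correlation: keep only events whose target
    host actually has the vulnerability the signature relates to."""
    return [e for e in events
            if e["vuln"] is not None and e["vuln"] in vulns.get(e["dst"], set())]

def events_by_group(events, groups):
    """Per-asset analysis: every event going to or from a group member,
    whether or not it raised an alert."""
    out = defaultdict(list)
    for e in events:
        for name, hosts in groups.items():
            if e["src"] in hosts or e["dst"] in hosts:
                out[name].append(e)
    return dict(out)

if __name__ == "__main__":
    for e in correlate(EVENTS, VULNS):
        print("ALERT", e["sensor"], e["sig"], e["src"], "->", e["dst"])
    for name, evs in events_by_group(EVENTS, ASSET_GROUPS).items():
        print(name, len(evs), "events")
```

Of the five events only two raise alerts, while the per-group view still keeps every event touching the control network for an analyst to review.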