Page 12 - Cyber Warnings

infrastructure, they need to forge reported operational data -- this is how they can blind
operators and protection mechanisms and execute their attacks undetected.


What is Data Forgery?

Nearly every good spy thriller depicts a nail-biting break-in where a security camera system is
reconfigured to play a continuous loop of an empty corridor. The hapless guard has no idea that
the intruders are actually sneaking down the corridor at that precise moment.

When attacking SCADA systems, malicious intrusion is twofold. It's about putting systems into
potentially damaging states and – like in a good spy thriller – hiding all evidence of intrusion.

After all, industrial control systems were designed to be as resilient as possible to malfunctions
and physical disasters. Industrial control operations teams are well trained and highly
experienced in managing faults, downtime, and even weather conditions.

When failures occur, operators are capable of reacting quickly and proficiently to stop the
damage, minimize downtime, and isolate the source of the problem, ultimately protecting the
critical infrastructure.

Bottom line: Control systems and operators are able to prevent severe damage, as long as they
know the true state of the plant. True state awareness is, in essence, the last line of defense.


How to protect against data forgery

Every physical device and process has a unique fingerprint, due to its particular history and
features. This fingerprint is extremely sensitive to external manipulations. For this reason,
physics is the key to detecting and reacting to data forgery.

For example, if a cooling system reports figures outside of normally acceptable parameters,
sensors will alert operators to this abnormality.

But if attackers configure the cooling system to report acceptable performance levels, they
can slowly shut down the system and threaten potentially dangerous and very expensive
equipment – while the operators remain oblivious.

Physical sensor data can be compromised at every step, so we must validate the integrity and
authenticity of the physical signals, revealing the true state of the system’s physical
components.
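
The cooling-system case above, as an added example that is not part of the original article: a range check accepts a forged in-band outlet temperature, while a cross-check against physically coupled signals flags it. The heat-balance model, field names, limits, tolerance and readings are all constructed assumptions.

```python
from dataclasses import dataclass

CP_WATER = 4.186              # kJ/(kg*K), specific heat of water
T_OUT_LIMITS = (20.0, 45.0)   # assumed acceptable outlet band, deg C
TOLERANCE = 0.10              # assumed allowed relative heat-balance error


@dataclass
class Reading:
    load_kw: float     # heat load, taken from an independent power meter
    flow_kg_s: float   # coolant mass flow
    t_in: float        # coolant inlet temperature, deg C
    t_out: float       # coolant outlet temperature, deg C


def range_ok(r: Reading) -> bool:
    """Classic limit alarm: looks only at the reported outlet temperature."""
    lo, hi = T_OUT_LIMITS
    return lo <= r.t_out <= hi


def balance_residual(r: Reading) -> float:
    """Relative mismatch between heat produced and heat the coolant carries away."""
    if r.load_kw <= 0:
        raise ValueError("heat load must be positive for the balance check")
    removed_kw = r.flow_kg_s * CP_WATER * (r.t_out - r.t_in)
    return abs(r.load_kw - removed_kw) / r.load_kw


def classify(r: Reading) -> str:
    if not range_ok(r):
        return "alarm: out of range"
    if balance_residual(r) > TOLERANCE:
        return "alarm: physically inconsistent"
    return "ok"


# Constructed readings, not measurements from any real plant.
SAMPLES = {
    "normal": Reading(100.0, 2.0, 20.0, 31.9),
    # Honest report while flow is throttled: the limit alarm fires.
    "overheating": Reading(100.0, 0.9, 20.0, 46.5),
    # Same throttled flow, but the outlet value is forged to the normal figure.
    "forged": Reading(100.0, 0.9, 20.0, 31.9),
}

if __name__ == "__main__":
    for name, reading in SAMPLES.items():
        print(f"{name:12s} range_ok={range_ok(reading)} -> {classify(reading)}")
```

The forged reading passes only the check that trusts a single reported value; to evade the balance check, every coupled signal would have to be falsified consistently.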

This can be done either by rigorous encryption of the digitalized physical data (from the sensor
all the way to the operator screen) or detection of data tampering attempts via comparison to a

12 Cyber Warnings E-Magazine November 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide