Supervisory Control and Data Acquisition: Stuxnet Worm Attack Case Study


Introduction

Protecting a nation’s critical infrastructure refers to the need to protect key infrastructures like food and agriculture. The government in every region is responsible for protecting these basic infrastructures from destruction by natural calamities, terrorism, and, in the current world, cyber-attacks. Supervisory Control and Data Acquisition (SCADA) systems are a component of the critical infrastructure and are affected by the Stuxnet worm. SCADA systems let organizations record events in a log file, interact with devices directly, and manage industrial processes remotely. Stuxnet is a computer worm that was programmed to delve into industrial systems and query the host for specific information (Abou el Kalam, 2021). Stuxnet takes advantage of the vulnerabilities of systems in the nation and can replicate itself to perform complex actions on a computer without any human intervention. The United States (US) faces security challenges in protecting its critical infrastructure, since that infrastructure is vulnerable to and has been impacted by the Stuxnet worm. Government sectors can employ several methods to mitigate the threats and vulnerabilities.

The Impact and the Vulnerability of the SCADA/Stuxnet Worm

The US is currently vulnerable to cyber-attacks due to the presence of the Stuxnet worm in the critical infrastructure essential to contemporary society. The vulnerability results from the US depending on SCADA systems to control vital and complex operational processes, while those systems remain prone to the Stuxnet worm. The extensive adoption of these systems arose from the need to manage important commercial systems economically and so support the growing demand for commodities and services in current society. Industrial complexity is the reason the US needs SCADA systems, and those systems are prone to cyber-attacks; this makes them vulnerable to Stuxnet malware. The requirement for periodic updates is among the typical weaknesses of SCADA, since the updates are delivered over the internet, which creates an avenue for intruders.
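The update path the paragraph describes is only an avenue for intruders if an operator applies whatever arrives. The following example, added here and not taken from the essay or any vendor's tooling, shows the check a defender puts in front of that path: a vendor-produced manifest that lists a SHA-256 hash for every update file and is authenticated as a whole, and an operator-side verifier that rejects the update if the manifest does not authenticate, a file has been altered, a listed file is missing, or an unlisted file has been added. The key, file names and file contents are constructed for the demonstration; a real deployment would replace the HMAC with an asymmetric signature so that the verifying site never holds signing material.

```python
import hashlib
import hmac
import json
from typing import Dict, List, Tuple

# Constructed demo key standing in for the vendor's signing key. A real deployment
# would use an asymmetric signature (the private key never leaves the vendor); the
# HMAC here keeps the example within the standard library.
VENDOR_KEY = b"constructed-demo-key-not-a-real-secret"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(files: Dict[str, str]) -> bytes:
    # Deterministic encoding so signer and verifier authenticate the same bytes.
    return json.dumps(files, sort_keys=True, separators=(",", ":")).encode()


def make_manifest(packages: Dict[str, bytes], key: bytes = VENDOR_KEY) -> dict:
    """Vendor side: hash every file, then authenticate the list of hashes."""
    files = {name: sha256_hex(data) for name, data in packages.items()}
    tag = hmac.new(key, canonical(files), hashlib.sha256).hexdigest()
    return {"files": files, "tag": tag}


def verify_update(manifest: dict, packages: Dict[str, bytes],
                  key: bytes = VENDOR_KEY) -> Tuple[bool, List[str]]:
    """Operator side: apply nothing unless the manifest authenticates and every
    delivered file matches it exactly. Returns (ok, list of problems)."""
    problems: List[str] = []
    files = manifest.get("files", {})
    expected = hmac.new(key, canonical(files), hashlib.sha256).hexdigest()
    # Constant-time comparison so the check itself does not leak the tag.
    if not hmac.compare_digest(expected, str(manifest.get("tag", ""))):
        problems.append("manifest authentication tag does not verify")
        return False, problems
    for name, digest in files.items():
        if name not in packages:
            problems.append(f"missing file: {name}")
        elif not hmac.compare_digest(sha256_hex(packages[name]), digest):
            problems.append(f"hash mismatch: {name}")
    for name in packages:
        if name not in files:
            problems.append(f"file not listed in manifest: {name}")
    return (not problems), problems


# Constructed sample update: two files the vendor ships and the manifest it signs.
GOOD_PACKAGES = {
    "plc_firmware.bin": b"\x7fELF-constructed-firmware-image-v2.3",
    "hmi_patch.zip": b"PK-constructed-hmi-patch-contents",
}
GOOD_MANIFEST = make_manifest(GOOD_PACKAGES)


def demo() -> Dict[str, bool]:
    """Run the cases a patching process must distinguish; True means 'apply'."""
    tampered = dict(GOOD_PACKAGES, **{"plc_firmware.bin": b"\x7fELF-modified-in-transit"})
    extra = dict(GOOD_PACKAGES, **{"unlisted.dll": b"MZ-constructed-extra-file"})
    forged = dict(GOOD_MANIFEST, tag="0" * 64)
    return {
        "genuine": verify_update(GOOD_MANIFEST, GOOD_PACKAGES)[0],
        "tampered_file": verify_update(GOOD_MANIFEST, tampered)[0],
        "unlisted_file": verify_update(GOOD_MANIFEST, extra)[0],
        "forged_manifest": verify_update(forged, GOOD_PACKAGES)[0],
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:16s} -> {'APPLY' if ok else 'REJECT'}")
```

The verifier checks the manifest tag before it looks at any file, so a manifest an attacker rewrote to match their own files is rejected without ever consulting those files; the unlisted-file check matters because an update that passes every listed hash can still carry something the vendor never shipped.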

The ease of handling updates was prioritized over security because many SCADA systems in the US were integrated with other industrial systems, which led to more vulnerabilities. The nation has become overly dependent on these systems, exposing its critical infrastructure to cyber-attacks. SCADA components can be overloaded with tasks, which may force them to release information in full, and this creates an opening for attack. The Stuxnet worm is malware that attacks the SCADA model in the US; it was specifically programmed for SCADA in industrial systems. Stuxnet is engineered to limit its own spread, which lowers the chance of discovery and avoids unwanted attention.

The SCADA worm has increased the indirect costs associated with the critical infrastructure, and this results in losses. A cyber-attack by Stuxnet can lead to economic loss and loss of lives; power blackouts in US cities resulting from a power plant experiencing a cyber-attack have caused many to lose their lives and some businesses to suffer losses. Because threats to the critical infrastructure of the US are increasing, the nation needs to evaluate the SCADA vulnerabilities constantly in order to protect the infrastructure and society. On some occasions, US drones were attacked using Stuxnet as a catalyst, which made them crash and imposed a great economic cost on the nation.

Methods to Mitigate the Vulnerabilities

Government agencies and the private sector are responsible for reducing vulnerabilities in the critical infrastructure; they have to address several domains to mitigate the Stuxnet worm and other attacks. The methods the two sectors can apply in each domain are discussed as follows. The infrastructure has seven domains that need to be secured from attack by Stuxnet: the user domain, the workstation domain, the Local Area Network (LAN) domain, the LAN-to-Wide Area Network (WAN) domain, the WAN domain, the remote access domain, and the system/application domain. The user domain comprises end-users gaining access to a company and is highly prone to cyber-attacks; the attacks result from human mistakes and actions. These risks can bring organizations to a halt, so the mitigation involves strong security restrictions and policies together with an awareness campaign for employees. For example, an Acceptable Use Policy (AUP) helps control a Stuxnet attack (Lonsdale, 2020). The workstation domain carries the risks of old operating systems, outdated hardware, and known remote access paths that expose it to attacks. These risks can be reduced and prevented by replacing or updating old components so that they are current.

The LAN domain has risks related to a lack of security in the network that allows intruders to access resources. Strong security policies, firewalls, and proper training of network professionals can be used to mitigate these risks. The LAN-to-WAN domain has the risks of absent firewalls, absent intrusion detection and prevention, and missing protective perimeter controls. These can be prevented using multiple firewalls combined with a strong defense-in-depth approach. The WAN domain has the risks of unavailable security controls, a lack of skilled workforce, and missing firewalls. These threats can be reduced by hardening the domain and developing strong incident response strategies. The remote access domain has the threats of weak passwords, inappropriate setup of remote access rules, and weak group policy. These risks can give intruders full access to the LAN, so strong controls and policies must be developed to secure the domain. The system/application domain has the weaknesses of unavailable antimalware software, a workforce with no training against social engineering, and an absence of security mindedness among users. Antimalware and proper training can be used in industrial systems to stop infection by the SCADA worm. All the methods mentioned in this section, when incorporated well in industrial systems, can help mitigate and prevent Stuxnet.
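The remote access domain above names three concrete weaknesses: weak passwords, badly set up remote access rules, and weak policy. The following added example, which is not part of the essay and models no particular vendor's firewall, turns the first two into a mechanical audit: it walks a constructed list of firewall rules and flags any that admit remote-access traffic into the control network from any source or on every port, checks that the list ends in a deny-all rule, and checks each constructed account's password against a length, character-class and common-word baseline. The network range, ports, rules and accounts are all constructed for the demonstration.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional
import ipaddress
import re

# Constructed values: the control-network range, the ports remote-access services
# listen on, and the password baseline the audit enforces.
SCADA_NET = ipaddress.ip_network("10.20.0.0/16")
REMOTE_ACCESS_PORTS = {22, 3389, 5900}   # SSH, RDP, VNC
MIN_PASSWORD_LEN = 14
COMMON_WORDS = {"password", "admin", "scada", "operator"}   # constructed short deny-list


@dataclass
class Rule:
    action: str            # "allow" or "deny"
    src: str               # CIDR or "any"
    dst: str               # CIDR or "any"
    port: Optional[int]    # None means every port


def reaches_scada(dst: str) -> bool:
    """True if the rule's destination covers any part of the control network."""
    return dst == "any" or ipaddress.ip_network(dst).overlaps(SCADA_NET)


def audit_rules(rules: List[Rule]) -> List[str]:
    findings: List[str] = []
    for i, r in enumerate(rules):
        if r.action != "allow" or not reaches_scada(r.dst):
            continue
        # Remote access reachable from anywhere: the rule the essay warns about.
        if r.src == "any" and (r.port is None or r.port in REMOTE_ACCESS_PORTS):
            findings.append(f"rule {i}: remote access into the control network from any source")
        # Even a trusted source should not get every port.
        if r.port is None:
            findings.append(f"rule {i}: allows every port into the control network")
    last = rules[-1] if rules else None
    if not (last and last.action == "deny" and last.src == "any" and last.dst == "any"):
        findings.append("ruleset has no final deny-all rule")
    return findings


def audit_passwords(accounts: Dict[str, str]) -> List[str]:
    findings: List[str] = []
    classes = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")
    for user, pw in accounts.items():
        reasons = []
        if len(pw) < MIN_PASSWORD_LEN:
            reasons.append(f"shorter than {MIN_PASSWORD_LEN}")
        if sum(bool(re.search(p, pw)) for p in classes) < 3:
            reasons.append("fewer than 3 character classes")
        if any(w in pw.lower() for w in COMMON_WORDS):
            reasons.append("contains a common word")
        if reasons:
            findings.append(f"account {user}: weak password ({', '.join(reasons)})")
    return findings


def audit_remote_access(rules: List[Rule], accounts: Dict[str, str]) -> List[str]:
    return audit_rules(rules) + audit_passwords(accounts)


# Constructed sample ruleset and accounts for a remote-access gateway.
RULES = [
    Rule("allow", "10.50.1.0/24", "10.20.0.0/16", 22),    # jump-host subnet over SSH: acceptable
    Rule("allow", "any", "10.20.5.10/32", 3389),          # whole world to an HMI over RDP: finding
    Rule("allow", "10.50.1.0/24", "10.20.0.0/16", None),  # trusted source but every port: finding
    Rule("deny", "any", "any", None),                     # final deny-all: required
]
ACCOUNTS = {
    "operator": "scada2020",                  # short and built on a common word
    "maint": "Tr0ub4dor&3-long-enough!",      # meets the baseline
}

if __name__ == "__main__":
    for f in audit_remote_access(RULES, ACCOUNTS):
        print("FINDING:", f)
```

Run against the constructed input the audit reports three findings (rules 1 and 2, and the operator account); the first rule and the second account pass, which is the point of a baseline audit: it separates the configuration that matches policy from the configuration that merely works.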

Elements

An effective information-technology security framework has the following elements: policies, standards, baselines, procedures, guidelines, and taxonomy. Policies are rules about behavior with information technology in an organization; they include system, network service, and acceptable use policies. When read and followed, they guide employee actions that help mitigate Stuxnet attacks. Standards refer to the process to be followed to guarantee compliance with the rules (Baumard, 2017). Baselines are standards from which other standards are derived, such as buying computers from one supplier with specific features that help prevent cyber-attacks. Procedures are the steps one needs to follow to comply with the policies. Guidelines are recommended additions to the elements above so that the security policy works better. Taxonomy refers to descriptions of how terms are applied in an organization.

When all these elements are considered in developing a security policy, the resulting policy will be strong. This will guarantee the mitigation and prevention of the Stuxnet worm attack. Policies will set the rules users must apply so that no malware is introduced into the system. Standards will require that the laid-down processes guaranteeing safety from malware are followed. When standards are followed, baselines automatically prevent attacks, and correct procedures mean compliance and the prevention of vulnerabilities. When proper guidelines that relate to the policies are followed, an organization has control over the SCADA worm.

References

Abou el Kalam, A. (2021). Securing SCADA and critical industrial systems: From needs to security mechanisms. International Journal of Critical Infrastructure Protection, 32, 100394.

Baumard, P. (2017). The determinants of a national cyber-strategy. In Cybersecurity in France (pp. 31-65). Springer, Cham.

Lonsdale, D. J. (2020). The ethics of cyber attack: Pursuing legitimate security and the common good in contemporary conflict scenarios. Journal of Military Ethics, 19(1), 20-39.

Reference

IvyPanda. (2022, July 25). Supervisory Control and Data Acquisition: Stuxnet Worm Attack. https://ivypanda.com/essays/supervisory-control-and-data-acquisition-stuxnet-worm-attack/