DEFENDING THE SCADA NETWORK CONTROLLING THE ELECTRICAL GRID FROM ADVANCED PERSISTENT THREATS

Author: Antoine Lemay

Abstract: Modern civilization, with its dependency on information technology, requires a steady supply of electrical power to prosper. A century of relentless work by engineers has ensured that the grid is reliable. One of the tools they used to achieve that goal is increased automation and remote control of the grid. This technology allows controllers supervising the grid to automatically adjust operational parameters to meet external constraints as they evolve. A new surge in demand from a cold night will trigger an automated increase in supply. Remote commands will be sent to open sluice gates at a hydroelectric plant to make turbines spin faster and generate more power. This ensures that the electric grid always functions at peak efficiency to reliably deliver power no matter what the conditions are. Paradoxically, the gains provided by the automated systems invited a previously unknown risk to the reliability of power delivery: cyber attacks. In order to achieve automation, utility operators have turned to Supervisory Control and Data Acquisition, or SCADA, technology. In this era, SCADA technology is built on top of commercial off the shelf hardware and software such as TCP/IP over Ethernet networks and the Windows operating system. This enables malicious entities to leverage their pre-existing knowledge of the offensive techniques known to work on these platforms to attack the SCADA networks controlling critical infrastructure. Of those entities, the majority are unfocused attackers searching for commodity assets such as storage capacity to store illegal materials, processing power to send spam or credentials to enable fraud. However, some actors are deliberately targeting SCADA networks for their ability to cause damage in the physical realm. These actors, who aggressively search for vulnerabilities and are stubborn in the face of defensive measures, are dubbed advanced persistent threats, or APTs. As such, it is difficult to turn them away. If we want to prevent these threats from preying on our critical infrastructure, we need to devise a defense that does not rely on completely removing vulnerabilities. A number of operational constraints, such as the need to operate 24/7 precluding the opening of maintenance windows, ensure that there will always be a vulnerability that can be exploited by an attacker.
