ICS/SCADA Wireless Attacks

Introduction

Wireless communication has gained attention in the industrial environment. Many organizations have moved from wired networks to wireless in order to provide IT networks with hassle-free connectivity. Wireless technology allows the user to connect to the network from almost anywhere.

Connectivity makes wireless networks prone to attack. This article will look at wireless attacks on the industrial control systems (ICS) environment which often lead to disruption of operations.

Wireless attacks in ICS

Inadequate authentication

Loopholes that allow attacks on ICS and ICS components are created through the weak implementation of a wireless network. For example, using a wireless access point with open authentication on an operational technology (OT) setup may allow anyone within the wireless range to connect to the network. This vulnerability could lead to attacks.

Inadequate data protection

Eavesdropping is possible when a wireless access point has open authentication. Sniffing passing data is a passive attack that is difficult to detect when it occurs at open authentication access points. Sniffing an OT setup can collect significant amounts of sensitive information, like readings from sensors and commands to the actuator. This data helps an attacker to understand the OT setup and plan further attacks.

Man-in-the-middle (MITM)

MITM attacks may allow an adversary to sniff and modify the data passing between master and slave, PLCs, HMI and so on. This can have a negative impact on OT operations. 

Let’s take an example of a rogue access point. In this type of attack, an attacker who is able to identify a legitimate AP to which wireless components are connected can create a rogue/dummy access point with the same name and increased transmission power. Due to greater power/strength in the signal, the endpoints are connected to the rogue AP. This allows an attacker to perform a MiTM attack.

Denial of (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Satyam Singh. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/FBdMEq7v38E/