Questions tagged [scada]
SCADA stands for Supervisory Control and Data Acquisition System. Generally, if refers to a broad class of computing systems that interact with physical processes associated with chemical, manufacturing, electricity production, gas delivery, etc.
12 questions
2 votes
0 answers
458 views
BlackEnergy2 vs. BlackEnergy3: Which one targeted HMIs?
Various reports have been published that analyze BlackEnergy2 and BlackEnergy3 in-depth. However, there seems to be discrepancies regarding the malware delivery phase, i.e., initial exploitation. The ...
- 21
1 vote
1 answer
291 views
scada honeypot guide help
With the recent vpn filter attacks, and talks about the hackers wanting to attack our SCADA systems in the U.S. I want to setup a honeypot to monitor the attackers and learn more about how they ...
- 41
2 votes
1 answer
217 views
What kind of attacks are mitigated by 2FA/MFA in Industry sector?
I would like to understand the real role of 2-Factor Authentication in Industry Control Systems like SCADA/SmartGrid with Windows AD infrastructure. In particular I am interested in an operational use ...
- 49
2 votes
1 answer
4k views
Nmap scan for Operational Technology devices
I want to scan a range of network with nmap to discover hosts but I know that depending on the scan, it can affect the integrity of OT (Operational Technology) devices, industrial devices like PLCs (...
2 votes
2 answers
257 views
Was the Stuxnet S7-417 payload a firmware update?
I'm a bit confused about the Stuxnet S7-417 attack. I believe Stuxnet performed a man-in-the-middle attack on the PLC, closing various valves in the background while it spoofed the values in the input ...
- 151
3 votes
2 answers
1k views
Can you only communicate to a PLC using associated software?
Apologies if this isn't the right forum, but I'm trying to understand SCADA network architecture, and specifically how the Stuxnet virus was able to change the control logic on PLCs. I think that it ...
- 151
4 votes
1 answer
2k views
SCADA, ICS Specfic Testing Tools and Methodologies
I have been contracted to perform a security risk assessment that relates specifically to ICS and SCADA systems. I have performed many IT security risk assessments, however, I am new to assessing ...
- 644
4 votes
4 answers
1k views
Does TCP/IP expose critical infrastructure to added risk?
Background: I just attended a talk on the security of critical infrastructure. The speaker spoke a bit on how adding the TCP/IP protocol to functions usually taken care of by dedicated protocols open ...
user10211
5 votes
3 answers
2k views
SCADA Operating System & Security Exploits
So I have a basic question on the SCADA operating system, which the manufacturers do not disclose. From my experience I can see VxWorks running in some of them, and Windows or Linux in some of them. ...
- 563
3 votes
4 answers
3k views
Problems during Pen-testing of SCADA systems
Is there a way to monitor the way the SCADA systems behave 'during pen-testing or security audit', and find out the implications of just port scans and/or monitor the state of activity while sending a ...
- 563
1 vote
2 answers
310 views
Real-time Operation systems and attacks
I'm interested on kind of attacks which can be used on 'Industry Control Systems'. I only have found that following malwares: switching-off/disablement the systems stole the information What else ...
- 113
7 votes
4 answers
451 views
Security papers or material focusing on the industrial control systems (SCADA)
Anyone know a good site or a list of resource to start to know issue related to the security of SCADA system ?
- 1,096