Module 5 Paper
Adam Throne
Systems dedicated to controlling machinery and industrial infrastructure have existed for
centuries, but only recently have computers begun to control them. In the past, operators manually
adjusted each machine in a system. A central manager would moderate communication between
operators, and there was little opportunity for external interference. Today, though, most processes are
controlled by a computer system known as SCADA. Under this framework, a central command
center is able to control each aspect of an entire system. This has streamlined the control process but
also introduced a security issue. As the Stuxnet attack demonstrates, it is possible for external actors
to infiltrate SCADA and cause physical damage. The potential for cyber attacks against SCADA

SCADA is designed to allow precise adjustment to systems remotely from computers, control
panels, and networks. This system was designed to standardize the control of most industrial
processes. Ideally, someone with SCADA experience in California, for example, is capable of
running any SCADA system on the globe with basic training. Diagram 1 illustrates the general flow
of SCADA. At the top, organization computers monitor output, schedule changes, and organize
production strategies. Below, the firewall is designed to limit unauthorized access to closed-network
computers. This is generally fairly effective, but advanced hackers are capable of finding loopholes.
On the next level, command computers contain the operator control screens where individual
workers can make changes to machinery. SCADA on these computers allows users to both monitor
and control machinery. On the lower level, PLCs and RTUs take signals from the SCADA software
and apply them to physical machinery. Some PLCs and RTUs have direct control panels and
computers. Finally, at the bottom is the machinery itself. Nearly all industrial, infrastructure, and
damage once an attack is executed. The simplest way to abuse SCADA is by convincing an operator
to manually use command computers to cause damage. SCADA systems are designed to automate
the control process, but there is still a human aspect. In the past, multiple workers would have needed
to collaborate to damage a system. However, with SCADA, a single individual has the capability to
manipulate an entire system. Using traditional covert action techniques, it is fairly easy to turn an
individual against a target. Additionally, SCADA itself can be targeted in a cyber attack. Computers
above the firewall are fairly easy to hack into, because they are generally connected to unprotected
external networks. Since these computers do not control any machinery, though, the only benefit of
infiltrating them is access to personal information about potential agents. Some basic SCADA
systems either do not have firewalls or have very weak firewalls. In these circumstances, it may be
possible for external hackers to influence PLCs and RTUs directly. However, high-profile targets are
far more secure. Therefore, the most efficient way to directly target SCADA is through hardware.
Malware must be written, planted, and executed in order to impact PLCs and RTUs. One possible
way to achieve success in these areas is by writing self-starting code on a thumb drive and
uploading it onto a control computer. Alternatively, an actor may infiltrate PLC or RTU production
facilities to plant malware on these computers before they are installed in a specific target. If

Once planted and executed, malware targeting SCADA software can cause significant
damage in a short amount of time. To start, there is already software in place to control machinery.
Rather than writing entire new modes of action, cyber attackers only have to control SCADA. The
funds and time that would be spent on developing this delivery mechanism can instead be spent on
ensuring efficiency and deniability. Additionally, SCADA’s vulnerabilities provide cyber attackers a
rare opportunity to inflict physical damage on adversaries. Typically, cyber attackers are
restricted to attacks on society, economics, and information. The Stuxnet attack demonstrated that a
well-executed attack was capable of causing an explosion within Iran’s nuclear facility. The
possibilities are endless for the damage that could be done by targeting SCADA systems. Oil
lines can be destroyed, power generators can be stopped, heat in military bases can be shut off, or
subways can be held in place. These countless opportunities are advantageous for state actors and
individual actors alike. Yes, many of these attacks could also be carried out with a bomb or a missile.
However, the advantage of targeting SCADA with cyber attacks is the element of plausible
deniability. If the United States were to launch a missile at North Korea’s nuclear research facility,
regional nations including North Korea, China, and Russia would retaliate. However, if North
Korea’s nuclear research facility mysteriously self-imploded at the hands of a carefully protected
SCADA attack, these nations would not have sufficient evidence to respond violently. SCADA
allows anonymous cyber attackers to inflict damage that only state militaries would be able to

In conclusion, although SCADA streamlines the industrial workflow, its vulnerabilities pose
a significant security risk. Through direct covert action or hardware attacks, SCADA can be ordered
to self-destruct the very systems which it controls. Many high-profile targets utilize this system, so
the effects of widespread SCADA attacks could be catastrophic. These networks allow the deniability
of cyber warfare to be combined with the physical damage of conventional war. I recommend that the
United States reevaluate its dependence upon automated devices for everyday tasks and develop