Pentesting SCADA

Industrial control systems (ICS), including SCADA (supervisory control and data acquisition) systems, are software-driven systems that monitor and control industrial processes. They were designed to run over low-bandwidth serial links and isolated, heterogeneous networks. Running them on IP networks carries real risk: once reachable, they can be used as launch platforms for further attacks, and they are rarely audited from a computer-security standpoint.

ICS were originally engineered to meet requirements for performance, reliability, safety and flexibility. In most cases they were physically isolated from external networks and relied on proprietary communication hardware, software and protocols that had no secure communication capabilities (typically no authentication, integrity protection or encryption of commands); the need for cyber-security measures within these systems was simply not anticipated.

For this reason it is extremely important to carry out security audits (pentests) of these devices, which are often undervalued in cyber-security programmes, bearing in mind the many vectors through which an attacker can take advantage of them:

  • Virus injection
  • Malicious code injection
  • Cross-site scripting (XSS) injection
  • SQL injection (SQLi): malicious commands sent to the backing databases
  • Directory traversal (cross-directory) attacks
  • Theft of credentials
  • Elevation of permissions, privileges and controls
  • Malware spread
  • Information theft or leakage
  • Lateral movement that goes undetected
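The point made above, that legacy ICS protocols carry no security at all, is easiest to see on the wire. The following is an added example, not code from the original page: it builds and parses Modbus/TCP frames (chosen here as a representative open ICS protocol; the page does not name a specific one) against a simulated PLC whose register values are constructed for the example. The MBAP header and PDU layout follow the public Modbus specification. Note that no field anywhere in the frame carries a credential, signature or checksum beyond the TCP layer, so any host that can reach the service can read and overwrite process values.

```python
import struct

# Modbus/TCP framing (MBAP header + PDU), written from the public protocol
# specification as an added illustration. The "PLC" below is an in-memory
# simulation constructed for this example, not a real device.

READ_HOLDING_REGISTERS = 0x03
WRITE_SINGLE_REGISTER = 0x06
PROTOCOL_ID_MODBUS = 0


def build_frame(transaction_id, unit_id, function_code, payload):
    """Wrap a PDU in an MBAP header. The length field covers unit_id + PDU."""
    pdu = struct.pack(">B", function_code) + payload
    header = struct.pack(">HHHB", transaction_id, PROTOCOL_ID_MODBUS, len(pdu) + 1, unit_id)
    return header + pdu


def read_holding_registers_request(transaction_id, unit_id, start_addr, quantity):
    return build_frame(transaction_id, unit_id, READ_HOLDING_REGISTERS,
                       struct.pack(">HH", start_addr, quantity))


def write_single_register_request(transaction_id, unit_id, addr, value):
    return build_frame(transaction_id, unit_id, WRITE_SINGLE_REGISTER,
                       struct.pack(">HH", addr, value))


def parse_frame(frame):
    """Split an MBAP frame into header fields and PDU, checking the length field."""
    if len(frame) < 8:
        raise ValueError("frame too short for MBAP header + function code")
    tid, pid, length, uid = struct.unpack(">HHHB", frame[:7])
    if pid != PROTOCOL_ID_MODBUS:
        raise ValueError("not a Modbus protocol id")
    if length != len(frame) - 6:
        raise ValueError("MBAP length does not match frame size")
    return {"transaction_id": tid, "unit_id": uid,
            "function_code": frame[7], "data": frame[8:]}


class SimulatedPlc:
    """Minimal holding-register table answering two function codes.
    Like a real unauthenticated Modbus server, it honours any well-formed write."""

    def __init__(self, registers):
        self.registers = list(registers)

    def handle(self, frame):
        req = parse_frame(frame)
        fc, data = req["function_code"], req["data"]
        if fc == READ_HOLDING_REGISTERS:
            start, qty = struct.unpack(">HH", data[:4])
            if not 1 <= qty <= 125 or start + qty > len(self.registers):
                return self._exception(req, fc, 0x02)  # Illegal data address
            values = self.registers[start:start + qty]
            body = struct.pack(">B", 2 * qty) + struct.pack(">%dH" % qty, *values)
            return build_frame(req["transaction_id"], req["unit_id"], fc, body)
        if fc == WRITE_SINGLE_REGISTER:
            addr, value = struct.unpack(">HH", data[:4])
            if addr >= len(self.registers):
                return self._exception(req, fc, 0x02)
            self.registers[addr] = value
            # A successful write response simply echoes the request PDU.
            return build_frame(req["transaction_id"], req["unit_id"], fc, data[:4])
        return self._exception(req, fc, 0x01)  # Illegal function

    def _exception(self, req, fc, code):
        # Exception responses set the high bit of the function code.
        return build_frame(req["transaction_id"], req["unit_id"], fc | 0x80, bytes([code]))


def parse_read_response(frame):
    resp = parse_frame(frame)
    if resp["function_code"] & 0x80:
        raise ValueError("exception code 0x%02x" % resp["data"][0])
    count = resp["data"][0]
    return list(struct.unpack(">%dH" % (count // 2), resp["data"][1:1 + count]))


def demo():
    plc = SimulatedPlc([100, 200, 300, 400])  # constructed register values
    # Anyone who can reach TCP/502 can do this: no login, no signature.
    before = parse_read_response(plc.handle(read_holding_registers_request(1, 1, 0, 4)))
    plc.handle(write_single_register_request(2, 1, 2, 0))  # overwrite register 2
    after = parse_read_response(plc.handle(read_holding_registers_request(3, 1, 0, 4)))
    return before, after


if __name__ == "__main__":
    print(demo())
```

In a pentest the same frames would be sent over a TCP socket to port 502 of a target that the engagement scope covers; against real equipment, prefer read-only function codes unless a write has been explicitly authorised, since the device honours the write exactly as the simulation does.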