Common Control System Vulnerability   [open pdf - 311KB]

"The Control Systems Security Center (CSSC) and National SCADA Test Bed (NSTB) programs have discovered a vulnerability common to control systems in all sectors that allows an attacker to penetrate most control systems, spoof the operator, and gain full control of targeted system elements. This vulnerability has been identified on several systems that have been evaluated at INL [Idaho National Laboratory], and in each case a 100% success rate of completing the attack paths that lead to full system compromise was observed. Since these systems are employed in multiple critical infrastructure sectors, this vulnerability is deemed common to control systems in all sectors. [...] The control systems assessment teams have used this method to gather enough information about the system to craft an attack that intercepts and changes the information flow between the end devices (controllers) and the human machine interface (HMI [Human Machine Interface] and/or workstation). Using this attack, the cyber assessment team has been able to demonstrate complete manipulation of devices in control systems while simultaneously modifying the data flowing back to the operator's console to give false information of the state of the system (known as 'spoofing'). This is a very effective technique for a control system attack because it allows the attacker to manipulate the system and the operator's situational awareness of the perceived system status. The three main elements of this attack technique are: 1) network reconnaissance and data gathering, 2) reverse engineering, and 3) the Man-in-the-Middle attack."

Report Number:
Public Domain
Retrieved From:
United States- Computer Emergency Readiness Team (US- CERT): http://www.us-cert.gov/
Media Type:
Help with citations