Abstract

The move from point-to-point serial communication to traditional information technology (IT) networks has created new challenges in providing cyber-security for supervisory control and data acquisition (SCADA) systems in critical infrastructure. Current research on the attack landscape for critical infrastructure concentrates on either IT-based or protocol-specific attacks. However, there is limited research focus on “the bigger picture”, the combination of IT attacks and critical infrastructure protocol attacks, and little consideration of cyber-attacks targeting an entire SCADA-based critical infrastructure system. Due to such narrow research, there is a complete lack of focus when comprehending full-scale cyber-attacks on SCADA-based critical infrastructure systems. As a result, new attacks combining various vulnerabilities in engineering systems and IT systems are yet to be discovered. In this paper, we collated existing known attacks, identified and combined the existing range of attack landscapes, and expanded and “filled the gaps” in the landscape, thus presenting a complete cyber-attack framework that perceives attacks against entire SCADA-based critical infrastructure. Our framework identifies four attack types: traditional IT-based attacks, protocol-specific attacks, configuration-based attacks and control process attacks, allowing us to describe practical attacks. The benefit of recognizing the range of attacks on entire critical systems is that it allows us to defend against attacks with far greater efficiency and intelligence. To support the validity of our presented framework, we present a case study demonstrating a series of attacks on physical Distributed Network Protocol 3 (DNP3) critical infrastructure equipment.
