Stuxnet-like attacks beckon as 50 new Scada threats discovered

Cyber criminals appear to be ramping up their interest in industrial control systems after research from application security management firm Idappcom found 52 new threats in March targeted at supervisory control and data acquisition (Scada) systems of the sort hit by the infamous Stuxnet worm.

Tony Haywood, chief technology officer at Idappcom, told V3.co.uk that hackers could be going for the systems as they are typically less well defended than more mainstream public facing IT systems.

Scada systems are typically found in a variety of industrial plants ranging from water and waste treatment to food and pharmaceuticals and even nuclear power plants.

As such, they play a vital role in the monitoring and production of key products and services, and could represent an attractive target for hacktivists seeking notoriety, or cyber criminals looking to extort money by threatening to disrupt the systems.

"We quickly realised this was too much of a significant blip to be an anomaly. It may be an indicator towards a worrying trend," said Haywood.

"Our records go back to 2004 and I've never recorded any sort of significant blip on the radar in an area like this previously."

Many of the exploits discovered by Idappcom centre around denial-of-service attacks directly targeting input validation techniques, which are able to repeatedly bring control systems to a halt, he explained.

Scada systems are often at greater risk because they are connected to legacy operating systems such as Windows 95 for which there are no service packs or automatic updates.

"These systems are clearly not being monitored and maintained by network infrastructure teams," Haywood said. "They are not updating or service packing them or showing them the same attention as their public facing services."