Brussels, 10/10/2013 (Agence Europe) - On 9 October, the European cyber-security agency ENISA published a White Paper giving recommendations on prevention and preparedness for an agile and integrated response to cyber-security attacks and incidents against industrial control systems (ICS)/SCADA. The executive director of ENISA, Udo Helmbrecht, stressed the importance of identifying the security vulnerabilities affecting these systems: “SCADA systems are often embedded in sectors that are part of a nation's critical infrastructure - for example, power distribution and transport control - which makes them an increasingly attractive potential target for cyber attacks, ranging from disgruntled insiders and dissident groups, to foreign states”.
ICS are widely used to control industrial processes for manufacturing, production and distribution of products but the software used is often commercial and outdated. Well known types of ICS include supervisory control and data acquisition (SCADA), where SCADA systems are the largest ICS sub-group. Incidents affecting these ICS/SCADA are strongly on the increase, raising the issue of whether the control of SCADA systems is effective and the response to cyber-attacks appropriate. ENISA has published recommendations to help bodies tasked with monitoring these systems to set up a proactive environment to counter possible cyber-attacks and to conduct careful post-incident analyses. ENISA advises establishing better coordination of the teams that manage critical incidents, learning as much as possible from post-incident analyses, better managing and preserving digital evidence, and encouraging inter-organisational and inter-state cooperation on the issue. (IL/transl.fl)