As the water industry's reliance on computers, computer networks and automated
information systems continues to increase so does it's vulnerability to intentional and
unintentional security breaches such as plant miss-operation, data corruption and
inappropriate data access. Computer information system security breaches or cyber terrorism
may result in process upsets potentially impacting the water supply, loss of critical operations
data or distribution of incomplete or erroneous data. For example, many utilities have
employed supervisory controls and data acquisition (SCADA) systems to improve
monitoring, process control, compliance, security, and overall reliability. Experienced
hackers or those with specific knowledge about the system can access remotely accessible
SCADA systems. Once logged in, properly equipped hackers can deactivate process alarms,
change chemical federates, start/stop equipment, and so on. The results of this intrusion can
pose a wide variety of environmental, health and safety concerns for employees and the
general public.
The computer systems, computer network components and interfaces, as well as the
applications used in the water industry have built-in security features that can significantly
reduce the risk of security breaches. However, even when all security features are in force,
cyber terrorism still posses a threat and systems are still susceptible to some risks. Even
though there is an increased security awareness due to the recent terrorist attacks on the
United States, water utilities are reminded that a water utility cyber attack by terrorists is less
likely than a cyber attack from a disgruntled employee.
This paper reviews the security features available and how they can be used to reduce
security risks. It also presents some of the security "gaps" and methods for minimizing the
risk exposure resulting from these gaps. Includes 8 references, figures.
| Edition : | Vol. - No. |
| File Size : | 1
file
, 760 KB |
| Note : | This product is unavailable in Ukraine, Russia, Belarus |
| Number of Pages : | 12 |
| Published : | 01/01/2002 |
