Exploiting SCADA vulnerabilities using a Human Interface Device
SCADA (Supervisory Control and Data Acquisition) systems are used to control and monitor critical national infrastructure functions such as electricity, gas, water and railways. Field devices such as PLCs (Programmable Logic Controllers) are among the most critical components of a control system. Cyber-attacks usually target valuable infrastructure assets, taking advantage of architectural or technical vulnerabilities, or even weaknesses in the defense systems. Even though novel intrusion detection systems are being implemented and used to defend against cyber-attacks, certain vulnerabilities of SCADA systems can still be exploited. In this article we present an attack scenario based on a Human Interface Device (HID), which is used as a communication and exploitation tool to compromise SCADA systems. The attack, which is a normal series of commands sent from the HID to the PLC, cannot be detected through current intrusion detection mechanisms. Finally, we provide possible countermeasures and defense mechanisms against this kind of cyber-attack.
This is an Open Access article
Citation : Tzokatziou, G., Maglaras, L., Janicke, H. and He, Y. (2015) Exploiting SCADA vulnerabilities using a Human Interface Device. International Journal of Advanced Computer Science and Applications, 6 (7),
Research Institute : Cyber Technology Institute (CTI)
Peer Reviewed : Yes