Everything that you have described as having done to secure your SCADA systems is no more than what is considered to be basic Best Practices for all networks. Most security specialists would probably agree that these basic Best Practices are a good start. Have you completely eliminated unencrypted data on your network? Are your servers and workstations running OS's that are still vendor supported and considered to be secure? This means no old NT, Win 95, or old SunOS boxes. Are your servers and workstations fully patched? Did the latest patches introduce any new vulnerabilies? Are there measures in place so that any router rearrangement or firewall activity will never allow outside access to your soft and chewy inside network? Are there methods of preventing unauthorized access to systems from INSIDE your network? As long as critical systems are networked, especially when there are physical connections to the internet (even if they are logically separated by firewalls, routing tables, ACL's, and the like), you are vulnerable.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11396/34023#34023