Impact of Technology in the Industry
The ease and popularity of computers is the fastest revolution the world has ever seen. It only took 30 years for the computers to completely replace humans in the industrial environment. Humans was doing all the hard labor for thousands of years. The men grew crops and livestock with their own hands to feed their family. However, computers and machines replaced farmers and can remotely control a machine to harvest hundred times more crops than the farmers of the past could do in a week. This is a huge advantage, and it is not only in the agriculture field but in the factories, oil refineries, and powerplants. One of the computer systems that is used in the industry is SCADA.
SCADA stands for Supervisory Control and Data Acquisition, and it is used to control industrial technology. These can include water treatment facilities, space stations, gas pipelines, wind farms, and wastewater treatment plants. SCADA reduces the amount of employees an industrial company needs to operate their plants. Instead of walking from destination to destination to operate valves and start pumps it can all be done remotely. SCADA has a human operator and all the data that SCADA accumulates is viewed by the operator. It also has remote terminals that connect to sensors and converts the data from the sensors to digital data. SCADA also has a PLC or Programmable Logic Controller that controls all the mechanical systems. SCADA is very useful because it allows industrial work to be accomplished with a minimal number of employees. It also reduces the number of mishaps and human casualties in the workplace allowing workers to be safer and more secure. This allows all alarms and malfunctions to be reported and has immediate response rather than an alarm going off in the facility and nobody being there to acknowledge the alarm. With all the benefits that there are with SCADA, it is vulnerable to malicious users.
The SCADA systems are targets for cyberterrorism attacks. It is wrongly believed that SCADA networks are safe from malicious attacks because it is disconnected from the internet. The first threat is unauthorized access to the software. Hackers can inject viruses into the system. The second threat is related to packet access to network segments. This means that anyone that has access to see the network segments can manipulate it and change the original command to a false command. The remedy to this threat is that SCADA users now have VPN that will encrypt the network packets. There are many benefits that computers have in the industry, but they also create risk from outsiders that only have malicious intent. This intent can be phishing, DDoS, unauthorized access, and viruses.
SCADA is very beneficial to an industry as it was described above. However, there are many benefits of the use of computers outside the factories, powerplants, and refineries, and in the office. Computers are taken full advantage of to help accountants keep track of money and help all the business executives keep track of numbers. These numbers can be from how much products are being produced and how much are being sold. Computers lay out all the numbers in a beautifully designed application called Excel. Microsoft Excel can be used to organize all the data the business executives collected, make calculations for them, and provide useful charts to help them with analyzing the numbers. With all the benefits of computers in the office there is a lot of risk that is involved. There are many competitors out in the world who seek to do harm or predators who are trying to find an employee to take advantage of. Whatever is the intent there should always be awareness in the office of the dangers in the cyber domain.
Phishing is the most common form of attack to a business. It is an attempt to gain log-in, credit card information, or any other valuable information that the malicious user wants by posing as an official. For example, if the malicious user wants a user’s bank website log in information the suspect will send an email asking them to “log-in and verify their email.” Phishers can gain a user’s background information such as the users internet surfing history, their interests or activities provided by social media. LinkedIn, Facebook, or twitter are the perfect platform for the phisher to gain information such as job titles, email addresses, or even phone numbers. The more information that a user provides the easier it is for the phisher to become more “realistic” and fool the user.
Denial of service is another attack that is common. This style of attack prevents users from accessing an expected service or resource. This is accomplished by flooding the targeted host or network with traffic until the target cannot respond or crashes. DoS attackers exploit a software vulnerability in the system and exhaust the RAM or CPU of the server. Once a DoS attack happens it can be easily stopped because the attacker would only have one IP address. Therefore, the countermeasure is adding the IP address to the firewalls “blacklist.” A Distributed Denial of Service attack is where there are computers around the world that are programed to flood the network traffic of one targeted device. These computers around the world can be random and the owner of it may not know that it is being used to help with the DDoS attack. This is called a Botnet. Because there are multiple IP addresses it is near impossible to detect all the addresses and separate them from routine traffic.
These form of attacks that were just described are only two attacks out of hundreds that are out there in the world. There are also man-in-the-middle, back-door, and over-the-shoulder attacks that are methods to gain unauthorized access to a business network. The damage that is caused from a cyber-attack can be just a chip off the block for a large corporation but devastating to a small business. It is very important for them to invest in a secure network and ensure that their network always stays secured. Here are some methods for a small business to be secured.
If a small business starts out and they are looking for the cheapest way to remain secured, they should use Software as a Service. Software as a Service is where a business could use network-based applications. All the business would have to do is pay a monthly fee to another business that supports Software as a Service, and this business would cover everything from the application software to hardware management and virtualization. This will make it easier for small businesses because they would not have to purchase all the required hardware to build their own server and must pay an employee to monitor the server to keep it secured. It would also save money because they would not have to hire a software web designer to create their webpage. The Software as a Service program will always have employees provided to monitor network traffic and scan for malicious activity. Also, if the small businesses were to decide to have a VPN service, then all the network traffic between the SaaS and the workstation would be encrypted. All the applications that the small business employee would use would be used virtually on the SaaS server. So, the business would not need to download anything. This will lower the risk of an oblivious employee downloading an application and clicking on the one that says, “click here to download” and did not verify the publisher. SaaS can provide an email server that can filter out spam and phishing attempts so employees will not fall for these types of scams.
Software as a Service is very beneficial. It is a good way for a small business to stay secured at a cost of a small fee without having to pay for a separate cybersecurity analysis to monitor their network. With everyone relying more and more on technology it is essential for everyone to stay up to date on the threats that exist out there. A good training program is the key to success, and it would reduce the number of security breaches in a company. Company employees would be less tempted to click on a malicious link in their email when they receive an ad saying that its their lucky day and they won prize money for being the hundredth email they sent to for an example. Nonetheless, it is also important for industrial companies to keep their network secured as well.
SCADA is used throughout the industry. All the security issues can be easily researched, and it is important for companies to be aware of this and invest in keeping their network secured. It is important because it remains susceptible to cyber-terrorist if they desire to make an environmental statement by destroying the factories or powerplants. They could also perform a DDoS attack and prevent the workers from doing their job. These are all reasons for a company to invest as much resources in cyber security because the threat is real and it has the potential to destroy even the biggest corporations.