SCADA Security: Welcome to the Patching Treadmill
Learn about new research that reveals the magnitude of the patching challenge for SCADA and ICS systems. Included is the downloadable presentation "Patching for Control System Security -- A Broken Model."
In his original blog post, Eric Byres said that after Stuxnet, security researchers and hackers on the prowl for new targets to exploit shifted their efforts to critical industrial infrastructure.
Unfortunately, the SCADA and ICS applications they are now focusing on are sitting ducks.
So far SCADA and ICS systems have been designed with reliability and safety in mind; security has been a minor consideration. Products that have never faced security tests are now under attack from sophisticated vulnerability discovery tools, and major control system security flaws are being continuously exposed.
In recent years, we have seen a staggering growth in government security alerts for these systems, and have witnessed some of the most sophisticated cyber-attacks on record.
Read the entire blog entry to learn more.