Online discoverability and vulnerabilities of ICS/SCADA devices in the Netherlands

Online discoverability and vulnerabilities of ICS/SCADA devices in the Netherlands

Samenvatting

On a regular basis we read in the news about cyber attacks on critical infrastructures, such as power plants. Such infrastructures rely on so-called Industrial Control Systems (ICS) / Supervisory Control And Data Acquisition (SCADA) networks. By hacking the devices in such systems and networks, attackers may take over the control of critical infrastructures, with potentially devastating consequences. This report focusses on critical infrastructures in the Netherlands and investigates three main questions:

  1. How many ICS/SCADA devices located in the Netherlands can be easily found by potential attackers?
  2. How many of these devices are vulnerable to cyber attacks?
  3. What measures should be taken to prevent these devices from being hacked?

Inhoudsopgave

Summary
Samenvatting

  1. Introduction
  2. ISC/SCADA Device Discoverability
  3. Exposed ISC/SCADA Devices in the Netherlands
  4. ICS/SCADA Devices Vulnerabilities in the Netherlands
  5. Measures to be taken
  6. Conclusions

Appendices

Publicatiegegevens

Auteur(s):
Ceron, J.M., Chromik, J.J., Santanna, J.J.C., Pras, A.
Organisatie(s):
University of Twente - Faculty of Electrical Engineering, Mathematics and Computer Science (EEMCS), WODC
Plaats uitgave:
Enschede
Uitgever:
University of Twente - Faculty of Electrical Engineering, Mathematics and Computer Science (EEMCS)
Jaar van uitgave:
2019
Type rapport:
Eindrapport

Bestelinformatie

Adres:
University of Twente - Faculty of Electrical Engineering, Mathematics and Computer Science (EEMCS)
 
P.O. Box 217
 
7500 AE Enschede
Telefoon:
053 4894602
Fax:
053 489 3114
E-mailadres:
BFD_EWI@ewi.utwente.nl
Website:
https://www.utwente.nl/en/eemcs/

Onderzoekgegevens

Werktitel:
Kwetsbaarheid vitale ICS/SCADA-systemen
Projectnummer:
2861
Operationele status:
Afgerond