
Abstract

Ransomware can be described as malware that results after an attempt to alter the functioning of modern computer systems. Over the last decade, cybercrime cases have shot up, raising concern among government agencies, businesses, and individuals. Because of this, governments and big corporations have begun investing in heavy computer systems that will help them combat the cyber threats posed to their infrastructure. As technology continues to evolve, new and advanced systems involving technologies such as IoT continue to replace traditional systems. These revolutions continue to help organizations stay safe from cyber-attacks. In doing this, however, the systems need to ensure integrity as well as the continued availability of all operations even when there are cyber-attacks.

In recent days, attacks have run across sectors such as healthcare, pharmaceuticals, and energy, as well as many others. This has mainly been a result of increased vulnerabilities in the design of the systems being used in these organizations. This research paper will critically analyze the different effects of ransomware on SCADA systems.

Introduction

The integration of information technology and networking is one of the recent technologies that has proved fruitful to businesses as well as government entities. The technology is affordable and easily available for businesses, which has given companies an affordable avenue to bring together multiple facilities. Besides, it has set a platform for companies to establish a single control center for controlling their distributed systems. In the present times, this technology has grown exponentially as more global processes across different sectors continue to be integrated. The establishment of these Industrial Control Systems (ICS) has caught the eye of the ever-increasing number of cyber attackers. This is mainly because an attack on the control system within the organization would mean the whole computer system is not functioning. To combat this, different companies have adopted different techniques. For instance, some companies have adopted Supervisory Control and Data Acquisition (SCADA), while others have chosen Distributed Control Systems (DCS). The adoption of these technologies has, however, not managed to eradicate all the emerging cyber threats. This has continued to raise concerns among the involved parties in the information technology world. As such, this paper will conduct a critical analysis of the various impacts that emerge when ransomware attacks SCADA systems. In doing this, the paper will attempt to prove that ransomware is indeed a massive threat to SCADA systems.


Ransomware Attacks on SCADA systems

The exponential increase in computer networks across the world has had its share of advantages for Supervisory Control and Data Acquisition (SCADA) systems, including the ability to control numerous sensors from remote locations and have their data control actuators in other locations. Industry control systems have also benefitted from the perfecting of computer networks, as various industry operations can be automated based on sensor data to achieve maximum efficiency. However, the increase in the use and integration of ICT equipment into SCADA and ICS systems has made it easier for attacks from the outside network to interfere with the normal functioning of these critical systems. It is not just normal machine failures and poor system architectures that define the current failures of SCADA systems, but also ransomware attacks (Tariq, Asim & Khan, 2019). It is anticipated that more systems are becoming vulnerable to modern attacks and that the number of incidents will continue to rise.

Early Supervisory Control and Data Acquisition (SCADA) systems have faced uncertainties after most of them were held hostage to attacks from different organizations and individuals, exposing poorly constructed systems which could not withstand the evolving needs of cybersecurity. These early systems relied heavily on proprietary tools to maintain the sanity of the systems, which includes monitoring inputs from several sensors and giving feedback to these systems in real time using actuators. These tools, however, have not withstood the test of time, and technology is catching up with them, exposing the smart systems to potentially very hazardous scenarios which could bring down entire systems in a very short time (Gregory-Brown, 2017). This means that major utilities and infrastructure, including network systems used in industry communication and the transport systems, could be halted when successful attacks are carried out on such systems.

Ransom attacks are part of the cryptovirology malware attacks which, when successfully launched on a computer system, may block access to data or resources or even publish confidential operational data if a ransom is not paid. These types of attacks have previously occurred on major computer systems and are specially targeted at organizations or corporations which have very large influence and resources to lose in case the systems fail and an attack is successfully executed (Hassanzadeh et al., 2020). After a successful attack, the attacker can demand large sums of money from the owners of the large systems, which can be very detrimental to their financial health and to the efficient continuation of operations after the attack. Protecting SCADA systems from this cyber assault is proving to be tedious and requires a lot of resources and expertise to develop systems which are robust and can withstand such ransomware attacks to allow for efficient operations. Achieving this, however, is one of the most challenging steps for these types of systems.

According to Butt et al. (2019), the threats of ransomware against large corporations which have very large computer systems in cyberspace and serve very crucial roles have been in the spotlight because of continued attacks using modernly engineered ransomware. The analysis adds that Industrial Control Systems (ICS) have been mainly targeted over recent years due to the critical and very sensitive services which they offer to users across entire regions. Some of the sectors which have been targeted by these types of attacks include the healthcare industry, the energy sector and the pharmaceuticals industry. Information technology has made computer systems more integrated and networked using very sophisticated technologies, which led companies to ride on this wave and do much on cost cutting. This was achieved by connecting systems together with the aid of these computer systems and distributed architectures, which can all be controlled from a single computer control center (Butt et al., 2019).

The ability to interconnect all these systems and have a single control center, which is also connected to the public internet and uses public network infrastructure, has made ransomware attacks on such critical systems exponentially easier and has brought them to center stage among the different types of cyberattacks. A security group, Skybox Security (2020), brings into focus some of these ransomware attacks and the magnitude of the threats which they can pose to industrial control systems and SCADA systems. LogicLocker is one type of ransomware which has been recorded in the past to attack SCADA systems, specifically water treatment plants, and demand a ransom, failing which the attackers would interfere with the systems and dump very high amounts of chlorine into the clean water. This type of threat is potentially hazardous and fatal to human beings if it truly occurs, and it portrays just how devastating ransomware attacks can be to the governments and organizations using and benefitting from SCADA systems.

The occurrence of these attacks in disrupting industries is perhaps one of the most worrying trends for cybersecurity officials, especially given the growth of new forms of attacks on the systems. The incorporation of new ICT technologies into industrial control systems has spurred the growth of these attacks, as they introduce the public internet and all its threats to these critical systems. The occurrence of SCADA attacks dates back to 1903, when the Marconi Wireless hack infiltrated the telegraph system using Morse Code (Hemsley & Fisher, 2018). This was still in the age when the internet was not yet developed but critical communication relied on such a system. In modern cyber incidents, the Maroochy water was infiltrated in 2000 and more than 265,000 gallons of untreated sewage were released after an attack was successfully executed (Hemsley & Fisher, 2018). This was one of the earliest forms of ransomware attacks on modern industrial systems, which saw the advent of the exponential increase in internet use.

From this data, there is an exponential increase in successful attacks on industrial control systems over the years from 2000 up to 2013. Hemsley and Fisher (2018) indicate that a single similar attack on control systems occurred in the years 2000, 2008 and 2011, while double incidents were recorded in the years 2010 and 2012, and 2013 had the highest number of incidents in a single year with three. From this data, there is an upward trend in the occurrence of similar attacks which are meant to infiltrate SCADA systems and deny them proper functioning and services. These attacks have grown gradually over the years and their threats have become more sophisticated, with very high damages to the systems. Additionally, from the incidents researched by Hemsley and Fisher (2018), another trend which can be noticed is the growth in attack agents and groups, from internal threats within the country to international threats such as the 2013 attack on the New York Dam, which the U.S. Justice Department claimed was traced back to Iranian attackers who managed to execute the attack.

Further to the cyber incidents which have occurred in industrial control systems and SCADA systems, there were three recorded cases in 2014, one case in 2015, three cases in 2016 and a large five cases in 2017. These attacks and the growing numbers over the years are an indicator that the systems have become more vulnerable to attacks which emanate from various threat agents and channels. Almost all attacks which were recorded in 2017 were engineered to attack energy sector industrial control systems across the world, including CRASHOVERRIDE, which used to cause frequent power outages in Ukraine. These occurrences show that ransomware attacks and the systems used to carry them out have become complex to deal with, and security engineers must work even smarter to avoid such occurrences in this digital age (Hemsley & Fisher, 2018). The energy infrastructure which is monitored by SCADA systems is an easy target for such attackers to mint money off large corporations, as such systems cannot afford to be run down for long periods of time.

Some of the new technologies which have been put in place to curb such hefty attacks on the system include having SCADA systems which are robust and highly redundant to prevent any simple attacks on the system from damaging its components and malfunctioning. In this manner, the system is harder to kill using basic attacks as each redundant system takes up and continues operating as normal away from the targeted ones. SCADA systems built using such cybersecurity architecture have shown improved performance in terms of security and attack prevention but attacks can still penetrate through the layers and rid the system of its redundant nature (Pack, 2019). This can be easily done using properly crafted malware attacks and if successful, might take a very long time for operations to resume and may cost the entire energy system from a few hours to a few days to get operations back to normal. Redundancy is therefore not the only solid solution as systems have still shown tendencies to be attacked.

Factors favoring the occurrence of ransomware attacks

In the recent past, attacks have taken the path of infecting industrial control systems depending on the operating system which underlies their architecture. Some of the attacks have been engineered to attack systems which use a particular operating system, while some have been engineered to attack a particular version of an operating system. Despite having response mechanisms to combat and counter OS-based attacks on such critical systems, there still exist several hurdles, such as choosing the proper OS to operate with to avoid attacks of a certain type. Changing the systems is quite expensive for the system security analysts, and this option is usually not a common one; rather, they patch security loopholes and address the vulnerabilities as they occur. The increase in attacks has therefore shown a trend whereby operating system loopholes and attack surfaces are used as the entry points for attacks from public networks and traffic (Muna, den Hartog & Sitnikova, 2019). Windows systems and UNIX systems are some of the common operating systems which have recorded cases of ransomware attacks on SCADA industrial control systems.

Additionally, ransomware attacks on SCADA systems have been encouraged by the rise in flexibility, real-time data manipulation and feedback mechanisms for systems which require very high efficiency levels. The energy sector and other critical systems require real-time data to influence their decisions and operations as they continue giving out their services. To achieve this, more systems are being put on the grid and joined to the entire network structure to give their inputs towards collecting this much-needed information regarding the systems and how they could be adjusted. Adding more systems to the grid means more forms of attacks can be launched on the systems and bring their services down very quickly (Bayou, 2018). These new items added on to the larger network also form part of the outer network to enable them to collect more information regarding the systems and how they function. Despite adding the much-needed inputs to influence new decisions in the system, the added components form new attack surfaces, as they are not usually separated from the normal IT equipment networks.

Probability of ransomware attacks on SCADA industries

The probability of attacks is based on the two discussed issues: the trend in incidents and the factors encouraging the occurrence of the attacks. First, when the trend of ransomware attacks is considered, it is quite evident that SCADA systems are likely to be attacked more than 5 times in a single year every year since 2018. This is taken from the increasing trend whereby there was no attack on the systems for some years, incidents increased by a single case through several years and then grew by more than half in a single year towards 2017. With this trend, even sophisticated security systems might be at risk of suffering very lethal attacks which bring the provision of critical services to a complete halt. Security systems have developed very crafty tools to build robust systems which can secure SCADA systems, such as the use of IP technology and highly automated redundant systems, but attacks have also grown in complexity and stealth (Butt et al., 2019). Hence, going by this trend, ransomware attacks are most likely on the increase and would number more than five incidents in a year.

Second, the review has shown that modern systems have focused more on expanding their networks and systems architecture, which includes the use of components that must be connected to the public network. Going by this system design, SCADA systems are more likely to be attacked and to suffer more vulnerabilities than they used to in earlier years. Additional components will make the integrity of the system easier to compromise and would definitely affect the entire system's security (Muna, den Hartog & Sitnikova, 2019). On top of this, two major operating systems which have long been known for their service provision in SCADA networks have been studied and analyzed by attackers to give them an upper hand at executing better and more successful attacks. Going by this analysis too, the occurrence of SCADA attacks would significantly increase in a year as attackers become familiar with the operating system vulnerabilities and loopholes and new additional components threaten the entire system's security.

Conclusion

Supervisory Control and Data Acquisition (SCADA) systems are very critical for the provision of services ranging from energy to gas, water and even transport and communication. This means that a lot of individuals and state resources might be inconvenienced in case service operations are blocked from the users. The occurrence of ransomware attacks and the increasing intensity of such attacks is a major concern for organizations and security systems architects as they try to reduce the damages caused when such attacks are carried out. In the analysis, it is clear and evident that such attacks are on the rise, mainly due to the increased craftiness of attackers and the periodic upgrade and use of the SCADA systems. The findings show that the occurrence can even increase five times in a span of a few years and hence support the hypothesis of this paper.



References

Bayou, L. (2018). Assessment and enforcement of wireless sensor network-based SCADA systems security (Doctoral dissertation, Ecole nationale supérieure Mines-Télécom Atlantique Bretagne Pays de la Loire).

Butt, U. J., Abbod, M., Lors, A., Jahankhani, H., Jamal, A., & Kumar, A. (2019, January). Ransomware Threat and its Impact on SCADA. In 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3) (pp. 205-212). IEEE.

Gregory-Brown, B. (2017). Securing industrial control systems-2017. SANS Institute InfoSec Reading Room.

Hassanzadeh, A., Rasekh, A., Galelli, S., Aghashahi, M., Taormina, R., Ostfeld, A., & Banks, M. K. (2020). A Review of Cybersecurity Incidents in the Water Sector. Journal of Environmental Engineering, 146(5), 03120003.

Hemsley, K. E., & Fisher, E. (2018). History of industrial control system cyber incidents (No. INL/CON-18-44411-Rev002). Idaho National Lab. (INL), Idaho Falls, ID (United States).

Muna, A. H., den Hartog, F., & Sitnikova, E. (2019). Targeted Ransomware: A New Cyber Threat to Edge System of Brownfield Industrial Internet of Things.

Pack, J. (2019). Cybersecurity for Distributed Energy Resources and SCADA Systems. Workforce.

SkyBox Security. (2020). LogicLocker Brings Ransomware to SCADA Networks. Retrieved from https://www.skyboxsecurity.com/blog/logiclocker-brings-ransomware-to-scada-networks/

Tariq, N., Asim, M., & Khan, F. A. (2019). Securing SCADA-based Critical Infrastructures: Challenges and Open Issues. Procedia Computer Science, 155, 612-617.