The SCADA Security Threat
SCADA (Process Control Networks) based systems have moved from proprietary closed networks to open source solutions and TCP/IP enabled networks steadily over recent years. This has made them vulnerable to the same security vulnerabilities that face our traditional computer networks.
This has lead to some highly publicised successful intrusions has resulted in malicious attackers obtaining administrative access to core systems.
As traditional security testing targets corporate networks, systems, and software which reside to provide services to corporate networks and users. SCADA systems have been relatively excluded from security testing due to above mentioned historic reasons for exclusion.
HackLabs' SCADA Penetration Testing follows documented security testing methodologies which can include:
- Port Scanning
- System Fingerprinting
- Services Probing
- Exploit Research
- Manual Vulnerability Testing and Verification
- Manual Configuration Weakness Testing and Verification
- Administrator Privileges Escalation Testing
- Password Strength Testing
- Network Equipment Security Controls Testing
Why Perform an Assessment?
SCADA systems are increasingly becoming a target for focused attackers. In order to ensure that SCADA based systems are secured from external threats, self assessment and external independent testing should be preformed bi-annually.
HackLabs' has perfomed many assessments on SCADA networks and has in-depth experience in assisting clients integrating security controls into there SCADA environment. Client references are available upon request.