Online discoverability and vulnerabilities of ICS/SCADA devices in the Netherlands

Crime and delinquency / Computer crime

Online discoverability and vulnerabilities of ICS/SCADA devices in the Netherlands

Summary

On a regular basis we read in the news about cyber attacks on critical infrastructures, such as power plants. Such infrastructures rely on so-called Industrial Control Systems (ICS) / Supervisory Control And Data Acquisition (SCADA) networks. By hacking the devices in such systems and networks, attackers may take over the control of critical infrastructures, with potentially devastating consequences. This report focusses on critical infrastructures in the Netherlands and investigates three main questions:

  1. How many ICS/SCADA devices located in the Netherlands can be easily found by potential attackers?
  2. How many of these devices are vulnerable to cyber attacks?
  3. What measures should be taken to prevent these devices from being hacked?

Index

Summary
Samenvatting

  1. Introduction
  2. ISC/SCADA Device Discoverability
  3. Exposed ISC/SCADA Devices in the Netherlands
  4. ICS/SCADA Devices Vulnerabilities in the Netherlands
  5. Measures to be taken
  6. Conclusions

Appendices

Publication data

Author(s):
Ceron, J.M., Chromik, J.J., Santanna, J.J.C., Pras, A.
Organization(s):
University of Twente - Faculty of Electrical Engineering, Mathematics and Computer Science (EEMCS), WODC
Place of publication:
Enschede
Publisher:
University of Twente - Faculty of Electrical Engineering, Mathematics and Computer Science (EEMCS)
Year of publication:
2019

Order information

Address:
University of Twente - Faculty of Electrical Engineering, Mathematics and Computer Science (EEMCS)
 
P.O. Box 217
 
7500 AE Enschede
Phone:
053 4894602
Fax:
053 489 3114
E-mailaddress:
BFD_EWI@ewi.utwente.nl
Website:
https://www.utwente.nl/en/eemcs/