SCADA-rendszerek kiberbiztonsága a létfontosságú rendszerelemek tekintetében 1.

Hankó Viktória

doi:10.32567/hm.2023.3.10

Cybersecurity of SCADA Systems from Critical Infrastructure Aspect 1

Hankó Viktória
https://orcid.org/0000-0002-5071-3573

doi: 10.32567/hm.2023.3.10

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Abstract

Today, as technological advances continue, the role of cybersecurity is becoming increasingly important, as both individuals and companies need to keep up with the evolution of cyberattacks – in terms of both, their number and their methods. Industrial facilities and critical systems, of which SCADA systems are a key component, are prime targets for these attacks. In this context, these installations require a much higher level of protection than the average due to their role. In the first part of the article, the author describes the basic concepts of SCADA systems, as well as the specifications and good practices required for
their installation and operation. It also describes past and current cybersecurity challenges, both general and SCADA system-focused, based on attack method, year of attack, and classification of the sector involved.

Keywords:

SCADA cyber security critical infrastructure

How to Cite

Hankó, V. (2024). Cybersecurity of SCADA Systems from Critical Infrastructure Aspect 1. Military Engineer, 18(3), 145–160. https://doi.org/10.32567/hm.2023.3.10

References

Bederna Zsolt – Rajnai Zoltán – Szádeczky Tamás (2021): Business Strategy Analysis of Cybersecurity Incidents. Land Forces Academy Review, 26(2), 139–148. Online: https://doi.org/10.2478/raft-2021-0020

Dunn, Thomas (2015): 10 – Basics of Control Systems. In Flexible Packaging.Oxford: William Andrew, 103–110. Online: https://doi.org/10.1016/B978-0-323-26436-5.00010-2

ENISA (2011): Annex III. ICS Security Related Standards, Guidelines and Policy Documents. Online: https://www.enisa.europa.eu/publications/annex-iii

Feldman, Sarah (2019): Infographic: IT Says SCADA Will Continue to Be a Frequent Threat. Statista Infographics, 2019. március 6. Online: https://www.statista.com/chart/17267/ cyber-security-threats/

G. L., Francis (2016): SCADA: Beginner’s Guide.[H. n.]: [k. n.].

Kovacs, Eduard (2022): Ransomware Group Claims Access to SCADA in Confusing UK Water Company Hack. Security Week, 2022. augusztus 16. Online: https://www. securityweek.com/ransomware-group-claims-access-scada-confusing-uk-wa¬ter-company-hack

Krasznay Csaba (2019): Kiberbiztonság a negyedik ipari forradalom korában. Hiradástechnika: Hírközlés-Informatika, 74, 25–29.

Megyeri Lajos – Farkas Tibor (2017): Kockázatkezelés, tudomány vagy kuruzslás? Hadmérnök, 12(3), 198–209.

Miller, Bill – Rowe, Dale Rowe (2012): A Survey SCADA of and Critical Infrastructure Incidents. Proceedings of the 1st Annual Conference on Research in Information Technology, RIIT ’12, 51–56. Online: https://doi.org/10.1145/2380790.2380805

National Institute of Standards and Technology (2020): NIST Special Publication 800-53 Revision 5. Online: https://doi.org/10.6028/NIST.SP.800-53r5

Paráda István – Farkas Tibor (2020): Felderítés és Analízis a Penetrációs Teszt¬ben – . Információgyűjtési Technikák. Hadmérnök, 15(1), 159–182. Online: https:// doi.org/10.32567/hm.2020.1.11 ; DOI: https://doi.org/10.32567/hm.2020.1.11

Pathak, Neel H. – Patel, Hashmukh (2014): A Review on Modern SCADA Systems and Security Consideration of Individual SCADA System’s Components. International Journal of Engineering Development and Research, 2(2), 1639–1699.

Petrosyan, Ani (2023): Frequency of Cyber Threats Worldwide by Type 2017 l Statis¬tic. Statista, 2023. augusztus 25. Online: https://www.statista.com/statistics/883591/ frequency-cyber-threats-expected-by-senior-it-practitioners-threat-type/

Stouffer, Keith et al. (2020): NISTIR 8183 Revision 1.National Institute of Standards and Technology. Online: https://doi.org/10.6028/NIST.IR.8183r1

Szádeczky Tamás (2021): Víz 4.0? A digitális víziközmű-infrastruktúra kiberbizton¬sági kitettsége. Hadtudomány, 31(4), 111–117. Online: https://doi.org/10.17047/ HADTUD.2021.31.4.111

DPS Telecom (2021): 14 Major SCADA Hacks. 2021. december 23. Online: www. dpstele.com/blog/major-scada-hacks.php

Tóth András (2022): Information Security Challenges and Solutions in Smart Nations. In Kovács, Anna et al. (szerk.): Security-Related Advanced Technologies in Critical Infrastructure Protection: Theoretical and Practical Approach.Heidelberg: Springer Netherlands, 123–132. Online: https://doi.org/10.1007/978-94-024-2174-3_10

Yadav, Geeta – Paul, Kolin (2021): Architecture and Security of SCADA Sys¬tems: A Review. International Journal of Critical Infrastructure Protection, 34, 100433. Online: https://doi.org/10.1016/j.ijcip.2021.100433

Jogi források

évi CLXVI. törvény a létfontosságú rendszerek és létesítmények azonosításáról, kijelöléséről és védelméről. Online: https://net.jogtar.hu/jogszabaly?do¬cid=a1200166.tv

Az Európai Parlament és a Tanács (EU) 2016/1148 Irányelve (2016. július 6.) a hálózati és információs rendszerek biztonságának az egész Unióban egységesen magas szintjét biztosító intézkedésekről. Online: https://eur-lex.europa.eu/legal-content/ HU/TXT/PDF/?uri=CELEX:32016L1148