SCADA – Supervisory Control and Data Acquisition – systems are often used for protecting critical national infrastructure platforms such as energy and telecommunications grids.
These systems are usually based around an embedded and robust version of Windows, which makes them resilient against most malware.
According to the ICS-CERT, it has received a number of reports, from multiple independent security researchers who have employed the SHODAN search engine to discover internet-facing SCADA systems "using potentially insecure mechanisms for authentication and authorisation."
Reporting on this revelation, Lucian Constantin, editor of the Softpedia IT news service, noted that security experts believe that attacks against SCADA systems "will significantly increase in the upcoming years and that malware development will also take this direction."
"Vendors have long relied on the obscurity of such systems to keep them protected from cyber attacks and Stuxnet has demonstrated that they are largely unprepared to quickly respond to such threats", he said.
Infosecurity notes that the SHODAN search engine – which is named after the Sentient Hyper-Optimised Data Access Network, a fictional AI network in the System Shock games series – is used by the academic community to track down computer systems running a particular type of software or IP traffic environment.
The worrying news is that ICS-CERT reports that most vulnerable SCADA systems located with the SHODAN search engine were improperly configured for remote monitoring.
Softpedia's Constantin said, "unfortunately, most of them still used default accounts and passwords, which can easily be learned by attackers from official documentation."
As a result of what appears to be the potential public exposure of critical national infrastructure SCADA-based systems, ICS-CERT is recommending the use of VPN technology for remote access of SCADA systems by their operators.