https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Call Center/Command


SCADA systems at risk for attacks

SCADA systems at risk for attacks

A panel of public utility executives speaking at the Homeland Security for Networked Industries conference held in Orlando last month agreed that remote
  • Written by Urgent Communications Administrator
  • 1st February 2006

A panel of public utility executives speaking at the Homeland Security for Networked Industries conference held in Orlando last month agreed that remote monitoring and control systems, particularly SCADA systems, are vulnerable to intrusion attacks and should be protected more vigilantly. They also said that utilities would be well-served to link disaster recovery and business continuity plans.

“I’m worried about SCADA,” said Brunson White of Energen. “It is largely misunderstood, and we don’t have as much control over it as we think we do.”

Utilities haven’t thought enough about intrusion attacks when they develop security plans, said Denny Brown of Pinnacle West, Arizona’s largest energy company, which also operates the state’s largest nuclear power plant. “We have to think differently than we did before,” Brown said. “We didn’t think about the bad guys being out there wanting to get into our networks and do nasty things.”

Ray Johnson of Entergy agreed, adding that a false sense of security exists because terrorists have yet to take down a major power plant in the U.S. But the economic and societal impact would be enormous should such an event occur, and that’s something utility executives and public utility commissions (PUCs) should be thinking about, he said.

“If someone takes a nuclear plant offline, that will definitely get on CNN,” he said.

It’s a legitimate threat, said David Weber of NW Natural, a small gas distribution utility serving western Oregon and southwestern Washington.

“We know [terrorists] have copies of [utilities’] SCADA system designs,” he said, further suggesting that utilities invest in intrusion-detection systems if they haven’t already done so. “[Intrusion-detection systems] provide the ability to know how they’re exploiting you. They’re not that expensive and offer the most bang for the buck,” Weber said, adding that SCADA systems only are as secure as the Windows operating systems they ride over.

According to Johnson, intrusion detection is “high on our list.” He also said that Entergy is focused on network performance monitoring, which he said could raise red flags. “We try to take several tools and correlate them,” he said. “Nine out of 10 times, [the notification] is benign, caused by an internal application. But you have to be concerned about the one that will end up in the newspaper.”

Terrorists always are on the lookout for opportunities, Brown said. He described a Washington Post story that identified a specific power plant as the nation’s No. 1 terrorist target. The next day the plant recorded 200,000 denial-of-service attacks.

Traditionally, security has taken a back seat to other more pressing matters because of budget pressures created by cost-conscious PUCs. That has to stop, Johnson said.

“You just can’t push certain things back any longer,” he said. “You might have to take money from other areas, and you might irritate some people by canceling projects. So what? And if you haven’t been able to make the case, scream louder or bring someone else in who can [make the case].”

Brown equated it to taking care of yourself. “It’s like health — if you have it, you don’t want to spend money on it. But once you lose it, you spend a lot of money to get it back.”

The spate of natural disasters that have hit the U.S. — the four major hurricanes that struck the Gulf Coast states in 2004 and Hurricane Katrina last year — along with the prospect for terrorist or hacker attacks that could take their systems down have forced utilities to rethink their recovery strategies.

“Every year, we’re threatened by hurricanes, tornadoes, floods and ice storms, and every year we go through our disaster-recovery plan,” said Johnson, whose utility has the city of New Orleans in its footprint. “But up until now, we didn’t focus much on business recovery.”

That changed after Katrina. In April, Entergy conducted a mock disaster to determine what would occur if its employees were forced out of their offices for a week. In August, the mock scenario became reality, but this time workers were displaced for weeks.

“Each year we do a drill that stresses our plan,” Johnson said. “Typically, we try to create a worst-case scenario. This year we found out it wasn’t.”

Nevertheless, the April drill proved effective, Johnson said. “The fact we brought some of these things up sped up the response from [upper management],” after Katrina struck.

Johnson added that he “can’t stress enough,” the importance of linking disaster-recovery and business-continuity plans.

Brown agreed. “Katrina has forced us to think outside the box. We no longer can say it can’t happen here. We can’t prevent [disasters], but we can figure out what we have to do to respond.”

Tags: Call Center/Command content Wireless Networks

Most Recent


  • Public-safety coalition renews efforts to secure federal NG911 funding
    A coalition of public-safety associations today reiterated its support for federal legislation that would provide the funding needed to pay for 911 centers to migrate from legacy technologies to an IP-based next-generation 911 (NG911) platform that is designed to support multimedia communications, as well as traditional voice calls. Representatives of the Public Safety Next Generation […]
  • SCADA systems at risk for attacks
    Newscan: Cyberattacks on DoE national labs draw lawmaker scrutiny
    Web Roundup Items from other news organizations Cyberattacks on DoE national labs draw lawmaker scrutiny Blinken postpones trip to Beijing after Chinese spy balloon spotted over U.S., officials say To protect satellites, secure your networks, chief of space ops says Ransomware offlines Arizona’s largest school district Mending the fabric: FCC says to file broadband-location challenges […]
  • The shine begins to wear off 5G private wireless
    Verizon had high hopes for private wireless networking. The company had predicted that by now it would be well on its way to making billions of dollars from the sale of custom 4G and 5G networks dedicated exclusively to its enterprise customers. Indeed, during 2021 Verizon execs pegged the total addressable market for private wireless at around […]
  • Phishers trick Microsoft into granting them 'verified' Cloud Partner status
    Late last year, a group of threat actors managed to obtain “verified publisher” status through the Microsoft Cloud Partner Program (MCPP). This allowed them to surpass levels of brand impersonation ordinarily seen in phishing campaigns, as they distributed malicious applications bolstered by a verified blue badge only ever given to trusted vendors and service providers in […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Private wireless networks in the US start going public
  • Microsoft patches 6 zero-day vulnerabilities under active attack
  • IoT connectivity spending climbs as COVID-19 cases decline
  • The battle over connected cars drags on

Commentary


How 5G is making cities safer, smarter, and more efficient

26th January 2023

3GPP moves Release 18 freeze date to March 2024

18th January 2023

Do smart cities make safer cities?

  • 1
6th January 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

Public-safety coalition renews efforts to secure federal NG911 funding dlvr.it/ShwGfn

4th February 2023
UrgentComm

Newscan: Cyberattacks on DoE national labs draw lawmaker scrutiny dlvr.it/Shvpw3

3rd February 2023
UrgentComm

The shine begins to wear off 5G private wireless dlvr.it/Shth0P

3rd February 2023
UrgentComm

Phishers trick Microsoft into granting them ‘verified’ Cloud Partner status dlvr.it/Shqngn

2nd February 2023
UrgentComm

Shapeshifting robot can morph from a liquid to a solid dlvr.it/Shqk9K

2nd February 2023
UrgentComm

Automakers against stampede to BEV dominance dlvr.it/ShpX08

2nd February 2023
UrgentComm

FCC nominee Gigi Sohn headed for third Senate hearing dlvr.it/ShpDcZ

1st February 2023
UrgentComm

Sign up to learn how to successfully manage your Motorola ASTRO® 25 System: spr.ly/60143j8fp https://t.co/XcxiUwzN27

1st February 2023

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.