The malware WannaCry/WannaCrypt has been all over the news recently. Since most of the operator and engineering workstations used in distributed control systems (DCSs) and supervisory control and data acquisition systems (SCADA) are PC-based, the question was naturally could these have been/or be impacted by this dangerous malware.I caught up with Emerson’s Jaime Foose. She noted that it is important to point out that personal computer users can easily avoid these types of attacks by following some very basic principles. Top of the list is to not rely on unsupported operating systems which are no longer maintained by the supplier. Next is to always keep your PC updated with the latest patches. And, from a user interaction perspective, never click on unknown links or attachments.
Specific to PCs used in control and data acquisition systems, never enable email on these PCs. From an architectural standpoint, do not expose the control system to the corporate local area network and internet, and always block/monitor vulnerable Windows traffic on the network. Also, the control networks and PCs should be hardened to not allow USB sticks and wired or wireless access to the PCs and networks.
By following these practices, systems would have been protected from WannaCry/WannaCrypt and other dangerous malware to date. Jaime also explained that many organizations are stretched very thin with their technical staffs, and lack the time and resources make it extremely difficult to keep pace with the dynamic, complex and serious nature of cybersecurity.
Suppliers can help by providing ongoing cybersecurity services to help process manufacturers. For the power generation, water & wastewater industries, the Power and Water Cybersecurity Suite is a platform-independent ICS cybersecurity solution that provides additional layers of protection for control system users with staffing challenges.
Modules in this suite include antivirus detection, application control, configuration management, device control, network intrusion detection, software/firmware patch management, rogue system detection, security incident & event management, system backup & recovery and vulnerability assessments. A Cybersecurity Suite Dashboard helps bring visibility to these elements.