Insecure by Design: Using Human Interface Devices to exploit SCADA systems

Modern Supervisory Control and Data Acquisition (SCADA) systems which are used by the electric utility industry to monitor and control electric power generation, transmission and distribution, are recognized today as critical components of the electric power delivery infrastructure. SCADA systems are large, complex and incorporate increasingly large numbers of widely distributed components. Cyber-attacks usually target valuable infrastructures assets, taking advantage of architectural/technical vulnerabilities or even weaknesses in the defense systems. Even though novel intrusion detection systems are being implemented and used for defending cyber-attacks certain vulnerabilities of SCADA systems can still be exploited. In this article we present an attack scenario based on a Human Interface Device (HID) device which is used as a means of communication/exploitation tool to compromise SCADA systems. The attack, which is a normal series of commands that are sent from the HID to the PLC cannot be detected through current intrusion detection mechanisms.