Webmaster Notes
September 2025 - Saw a probe in my server logs for Ignition and SCADA. I am not sure what this was all about.
Supervisory control and data acquisition
Social Engineering is possibly the most common ways that systems are compromised, however, hacks of systems (financial and social) by fraudsters could pale into insignificance if power stations and the Internet backbone is compromised.
Cyber Security
...... as in the Government "needs to raise its game" on cyber security, MPs warn - a statement made early in 2017 by the Daily Mail.
I started my coverage of this topic in detail on my Canadian site. Now in 2017 the subject is becoming more and more a news item.
2023, I am reviewing my pages and I am adding back references to these topics.
SCADA
The employment of SCADA is possibly the biggest Cyber-Security threat. The fact that a lot of infrastucture systems are connected by such systems is more than a little troubling.
Supervisory control and data acquisition (SCADA) is a control system architecture comprising computers, networked data communications and graphical user interfaces for high-level supervision of machines and processes. It also covers sensors and other devices, such as programmable logic controllers, also known as a distributed control system (DCS), which interface with process plant or machinery.
The operator interfaces, which enable monitoring and the issuing of process commands, such as controller setpoint changes, are handled through the SCADA computer system. The subordinated operations, e.g. the real-time control logic or controller calculations, are performed by networked modules connected to the field sensors and actuators.
The SCADA concept was developed to be a universal means of remote-access to a variety of local control modules, which could be from different manufacturers and allowing access through standard automation protocols. In practice, large SCADA systems have grown to become similar to DCSs in function, while using multiple means of interfacing with the plant. They can control large-scale processes spanning multiple sites, and work over large distances. It is one of the most commonly used types of industrial control systems.
The CIA and FBI
In the days of the new Trump adminstration, Fake News, I find stories such as the Wikileaks leak of 8,761 documents
on techniques for hacking and surveillance particularly amusing.
Top
Cyber Weapons
Wikileaks have said that they are going to release a list of "Cyberweapons" used by the CIA and other American/UK security agencies, first to Microsoft, Apple and other software and hardware vendors such as Google and Facebook, so that they can "defend" against them.
The concept of this is somewhat at odds with the notion that these vendors have capitulated with National Security services, particularly those in the US, and have installed backdoors in their software to allow access by Law Enforcement Agencies.
Man-in-the-middle attack
The Man-in-the-middle and Man-on-the-side attacks are explained on the Wikipedia pages, quotes from both are below.
The technicalities of how this is done has been debated in detail in many "hacker forums". The bottom-line with
all these attacks is that for the threats to be perpetrated a large measure of
Social Engineering has to be employed so that systems can be initially compromised.
In cryptography and computer security, a man-in-the-middle[a] (MITM) attack is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two parties
A man-on-the-side attack is a form of active attack in computer security similar to a man-in-the-middle attack.
Instead of completely controlling a network node as in a man-in-the-middle attack, the attacker only has regular
access to the communication channel, which allows him to read the traffic and insert new messages, but not to modify or
delete messages sent by other participants. The attacker relies on a timing advantage to make sure that the
response he sends to the request of a victim arrives before the legitimate response.
SCADA - Supervisory Control and Data Acquisition
The Wikipedia page said at the time of writing.
Supervisory control and data acquisition (SCADA) is a control system architecture comprising computers, networked data
communications and graphical user interfaces for high-level supervision of machines and processes. It also covers sensors
and other devices, such as programmable logic controllers, which interface with process plant or machinery.