CQR director of technical assurance, Phil Kernick, told CIO Australia that almost all of the SCADA attacks he has investigated are related to malware infections.
In-depth: .
"It's the same type of malware that the Eastern European bad guys are trying to put on your home PC to steal your banking credentials," he said. "If it gets into a control network, it sometimes crashes machines.
"Control network PCs need to be running all the time and not just randomly re-boot."
Kernick said the malware also gets in because of the "porous" inter connection between the control network and the corporate network, staff inserting USB keys into unpatched computers, and contractors connecting their laptop to the network and accidentally unleashing malware into the system.
According to Kernick, an additional problem is that SCADA systems are not run by the corporate IT departments in critical infrastructure companies but by the engineering department.
He said that the engineering and IT departments at critical infrastructure companies needed to "stop throwing rocks at each other" and start working together on SCADA systems.
"Even though these are process control systems they are still made out of IT systems and the best practises such as patching and strong passwords need to be applied."
He said SCADA system owners should also:
Kernick added that these measures should help critical infrastructure companies avoid having to report a security incident to shareholders.
"If something goes wrong and you have to disclose that information, it will manifestly affect your share price," he said.
"Therefore, the business has a very good incentive to protect these systems so they don't have to disclose an attack."
Follow Hamish Barwick on Twitter: @HamishBarwick
Follow CIO Australia on Twitter and Like us on Facebook... Twitter: @CIO_Australia, Facebook: CIO Australia, or take part in the CIO conversation on LinkedIn: CIO Australia