Protecting Your Networks from Online Threats: Our New SCADA Cyber Automation Lab 

Worldwide, public and private orga­ni­za­tions are expe­ri­enc­ing a significant uptick in cyber threats like computer viruses and data breaches. For example, in the water industry, cyber attacks can put not only utility data and facilities at risk, but also expose customers’ personal information to malicious actors.

These attacks aren't theoretical, they've already happened. A phishing email scam in 2016 set a Midwest utility company back $400,000+ in recovery and cleanup costs and interrupted their commu­ni­ca­tion and billing services for a week. In 2019, a western water utility found they were locked out of important technical data by hackers who requested a ransom to unlock the files—this turned out to be their second ransomware attack in two years. The utility company decided forego the payment and took several weeks to recover their data from back-up systems. As hackers are scaling up their attacks, identifying and mitigating these types of cyber risks is mandatory for any utility or orga­ni­za­tion.

By taking advantage of automation technology, CDM Smith's new SCADA cyber automation lab can simulate network and data systems and test their resilience against cyber threats in a dynamic and isolated space.

Using these simulated systems, CDM Smith automation experts run scenarios to simulate how viruses move through a system. These scenarios demonstrate how well the system stands up against viruses and malware while also making sure it meets Risk Management Framework (RMF) and other standards. The simulations do not impact the actual system and can be performed on-site or virtually—which has been especially helpful while navigating COVID-related challenges.

"This lab allows us to simulate different types of cyber threats, develop strategies to build in security within our designs, and provide recom­men­da­tions to clients to improve their cyber resiliency," explains Jim Livermore, CDM Smith's director of global information security.

Following the simulation, recom­men­da­tions to implement security tools can be provided to improve a clients’ supervisory control and data acquisition (SCADA) systems. Tools are tested and recommended based on vulner­a­bil­i­ties detected during the simulation, RMF and other mandate require­ments, and current licensing/programs in place.

To the casual observer, the space may look like a standard computer lab with desks and displays, but it is stocked full of the most current state-of-the-art hardware and software to provide safe and effective simulations. Some of the features include:

• Isolated high-speed internet connection—A separate internet connection helps automation experts safely run hack simulations. 


• IDS (Intrusion Detection System) and IPS (Intrusion Prevention System)—IDSs and IPSs monitor network activity for malicious threats from outside or inside the orga­ni­za­tion.


• Dell PowerEdge Server—This high-performance server allows automation experts to run processes and access the lab from across the globe. 


• Network Attached Storage (NAS)—Having NAS allows for multiple users to securely store and retrieve data. 


• Palo Alto firewall—Firewalls are security systems that serve as a barrier between trusted and untrusted networks. Palo Alto is a leading cyber­se­cu­rity company with next-generation products. 


• Microsoft security tools—Microsoft is widely used across the industry. Having these tools accessible makes for accurate testing and realistic recom­men­da­tions.  

Having a dedicated cyber automation lab allows us to adapt to changing virtual envi­ron­ments. With this space, we can test and train against threats to our clients' SCADA systems.