Issues common to Australian critical infrastructure providers SCADA networks discovered through computer and network vulnerability analysis

Authors

Craig Valli, Edith Cowan UniversityFollow

Document Type

Conference Proceeding

Publisher

School of Computer and Information Science, Edith Cowan University, Perth, Western Australia

Abstract

This paper reports on generic issues discovered as a result of conducting computer and network vulnerability assessments (CNVA) on Australian critical infrastructure providers. Generic issues discovered included policy, governance, IT specific such as segregation, patching and updating. Physical security was also lacking in some cases. Another issue was that previous security audits had failed to identify any of these issues. Of major concern is that despite education and awareness programs, and a body of knowledge referring to these issues, they are still occurring. It may be necessary for the federal government to force organisations to undergo computer and network vulnerability assessment from recognised experts on a regular basis.

Comments

6th Australian Digital Forensics Conference, Edith Cowan University, Perth Western Australia, December 3rd 2008.

DOI

10.4225/75/57b2803940cc8