Business
Testing Scada Networks
SCADA is of course the protocol that utilities such as gas, electric, and telecoms use to control the equipment they have to manage. Think of a simple way to check a temperature or voltage reading and report back as well as set values on switches, pumps, etc.
![zd-defaultauthor-richard-stiennon.jpg](https://www.zdnet.com/a/img/resize/77b56c2922720d92114790683a18bfb44e1586a5/2014/12/04/a57365f1-7b6f-11e4-9a74-d4ae52e95e57/zd-defaultauthor-richard-stiennon.jpg?auto=webp&fit=crop&frame=1&height=192&width=192)
Play audio version
I grabbed a chance to talk to Kowsik Guruswamy CTO and co-founder of MuSecurity, because they have recently added SCADA to the list of protocols they can test with their product. MuSecurity sells hardware appliances that can launch attacks against devices on the network to discover how they react to thousands of anomalous packets. They basically discover zero day vulnerabilities. Their primary customers are IT security departments who are evaluating different solutions, and security vendors that want to improve their products. Now they can also be used to check the robustness of things on the power grid for instance. Listen to the threatcast with Kowsik here. Note that he points out a scary situation. SCADA protocols are based in part on RPC DCOM, an infamous protocol that has been attacked by many worms. That does not make me feel good.