UK government releases new cloud SCADA security guidance for OT

The UK National Cyber Security Centre (NCSC) has released new guidance on securing supervisory control and data acquisition (SCADA) cloud environments for operational technology (OT).

UK critical national infrastructure (CNI) is highly dependent on SCADA as a means for data collection and control, and because of the importance of these environments, they are at a higher risk of cyber attack.

Therefore, the NCSC is seeking to boost the security and resilience of these environments to lower the risk of a critical breach by cyber criminals or state-backed groups.

Tips and tricks for SCADA security

SCADA security in legacy systems was originally designed around the ‘air-gapped’ model, whereby the SCADA infrastructure is separated from both the internet and the organization's network.

The NCSC says that if an organization is looking to move from the ‘air-gapped’ model to a cloud environment, there need to be significant controls on, and constant monitoring of, connectivity and access to the CNI. However, migrations to a cloud environment should be considered on a per-case basis, with specific guidance provided depending on the use case of the organization.

There are several solutions that the NCSC provides guidance on, from full cloud migration down to using the cloud as a simple standby/recovery solution - each with its own pros, cons, and levels of risk.

One of the most significant advantages of using a cloud environment is the open-ended design of the cloud, which allows organizations to maintain consistent observability of their environment over time, especially as new and advanced threats emerge and are studied and understood.

The NCSC also highlights the scalability of cloud environments, both in capacity and application usage, with both being available depending on the needs, size and criticality of the infrastructure being operated.

China has increasingly targeted US CNI in a number of cyber attacks, and the crosshairs could soon move to the UK, the NCSC says, stating in its Annual Review 2023 that, “it is highly likely the cyber threat to UK CNI has heightened in the last year,” alongside a statement in a joint advisory with the US Critical Infrastructure & Security Agency (CISA) about the risks posed by China.

Speaking on the NCSC guidance, Chris Doman, CTO and co-founder of Cado Security, said, "This report comes off the back of two trends: SCADA systems are increasingly not only connected to the internet, but also hosted in the cloud. This brings easier access to the data but can also increase the attack surface.

"There is a wider concern and awareness of the security of critical national infrastructure, and the potential for cyber attacks to cause physical damage, partly due to world events."

Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continued his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.