SCADA System USB Port Disabled

Report
Executive Summary
This report outlines the action taken to disable the USB ports in the SCADA system for all
working stations. The decision to disable the USB ports was made to enhance the system's
security by preventing unauthorized access or data transfers that could compromise the
integrity of the SCADA operations. This report details the steps taken, the impact on
operations, and the verification process to ensure all security measures were implemented
correctly.

Introduction
The SCADA (Supervisory Control and Data Acquisition) system is critical to the operations
of Wastewater Plant Raysut. It monitors and controls various processes, and ensuring the
system’s security is paramount. USB ports can pose significant security risks if not properly
managed, making it essential to restrict their use. This report details the process
undertaken to disable the USB ports in the SCADA system.

Details of USB Port Disabling

The USB ports on the SCADA system were disabled using through the BIOS settings of
window. This was done on 21/10/24, ensuring that all USB ports on all the workstations
and servers within the SCADA network were deactivated.
Before Picture:-
After Picture:-
Reasons for Disabling
USB ports present a vulnerability in critical infrastructure systems like SCADA. By disabling
them, we prevent possible security threats such as malware introduction, unauthorized
data access, and data leakage. Several recent security audits and guidelines have
recommended this action, further justifying its implementation. Additionally, there have
been past incidents in the industry where SCADA systems were compromised due to
improper USB port management.

Impact Analysis
The primary positive impact is the enhanced security of the SCADA system. By removing the
threat vector posed by USB devices, the system is now less vulnerable to external threats.
While the disabling of USB ports may affect convenience, such as the ease of transferring
files, alternative methods such as secured network transfers have been put in place to
ensure operational efficiency remains unaffected.

Verification and Testing

After the USB ports were disabled, a series of tests were conducted to ensure the changes
were correctly implemented and that no USB devices could access the system. The tests
included:
1. Attempting to connect various USB devices (flash drives, external hard drives, etc.).
2. Verifying that the system recognized no devices.
3. Ensuring that system operations continued uninterrupted after the USB ports were
disabled.

Conclusion
The action to disable USB ports on the SCADA system has strengthened the security posture
of the organization. By removing a significant vulnerability, the system is now better
protected against potential threats. It is recommended that this action be reviewed
periodically to ensure compliance with security policies, and further steps may be taken to
enhance system security as needed.