CYSE 200T Spring 2022

SCADA Systems

Posted by anaeg001 on

SCADA systems are produced for controlling physical processes and analyzing them for industrial organizations. Some of the industrial processes SCADA systems are utilized in are for wind farms, oil and gas pipelines, and electrical power transmission and distribution. Since SCADA systems monitor and control critical infrastructures, unfortunately it can present several risks involved, such as being a target of cyber warfare and cyberterrorism attacks. SCADA systems are also vulnerable to another two types of threats, while the first is software being accessed by an unauthorized individual or it’s internally being infected with a virus or malware which can ruin the system. The next threat is, if an individual has access to the packets being sent and received from the network that hosts SCADA equipment. If anyone has the ability to send and receive packets, they can hijack it and control it too. Therefore, SCADA vendors are enhancing their network architecture by using unique industrial virtual private networks and firewalls to make it more secure. Another method being implemented is whitelisting, which essentially grants access only to pre-approved software and programs to gain access to theirSCADA systems if they’re on the “list”. In addition, file integrity monitoring, which reports modifications such as deletion, renaming, or adding files to the owner of the SCADA system is also being applied. Some physical security measures to help ensure protection are limiting the number of people to the site, restricting the number of technician personnel for maintenance issues, and locking up every computer. In case of a breach, it is also vital to have system backups in place as they are responsible to restore network connections. To conclude, while SCADA systems provide real time data and allow for industrial organizations to control them remotely or physically locally, they are prone to too many vulnerabilities for criminals to hack them and be used for their self-interest or monetary gains. For that reason, it is inevitable for SCADA systems to constantly improve their security measures to prevent any misuse from happening.

References:

Shaw, William (2004). SCADA System Vulnerabilities to Cyber Attack, Electric Energy.https://electricenergyonline.com/energy/magazine/181/article/SCADA-System-Vulnerabilities-to-Cyber-Attack.htm

Paganini, Pierlugi (2013). Improving SCADA Systems, Infosec Institute.https://resources.infosecinstitute.com/topic/improving-scada-system-security/

Leave a Reply

Your email address will not be published. Required fields are marked *