In-Class Assignments

SCADA Systems and Critical Infrastructure

Posted by acole066 on

Amanda Coleman

11/09/2025

SCADA Systems and Critical Infrastructure

BLUF: This paper outlines the vulnerabilities in critical infrastructure systems and how SCADA Systems mitigate them.

            Critical infrastructure refers to the products, processes and services that are essential for the daily functions of the people and organizations. These include water supply and treatment, electricity, waste treatment, mass transportation and air travel. The continuous operation of critical infrastructure is monitored and controlled by Supervisory Control and Data Acquisition (SCADA) systems. SCADA is the combination of automated Industrial Control Systems (ICS) that collect and transmit data and the manpower that monitors these systems and act as needed.

Vulnerabilities of Critical Infrastructure Systems

  • Insufficient authentication controls. Older ICSs are vulnerable because they only require one form of identification and authentication to access the system.
  • Increased access for public internet users through connected operational technology
  • Weak network security. Some systems operated on outdated anti-virus software and unprotected networks, as management neglected cybersecurity protocols.
  • Employee negligence. Untrained employees utilize weak, dictionary passwords for administrative accounts, making them susceptible to various password attacks.

SCADA System Mitigation techniques

According to a scadasystems.net article, and the Cybersecurity and Infrastructure Security Agency (CISA), SCADA systems aim to mitigate the vulnerabilities of critical infrastructure systems by implementing the following measures:

  • Implementing more robust security measures like stronger passwords, multi-factor authentication and role-based access to key operating systems. This maintains the confidentiality of the data.
  • Software updates, penetration testing and effective anti-virus controls for older ICS models.
  • Blocking public access by removing OT connections to the internet, installing firewalls and using subnets to filter login attempts. This preserves data integrity and protects the system from manipulation.
  • Network segmentation in SCADA systems ensure only authorized personnel can access parts of the ICS like the programmable logic controls or human machine interfaces at any given time, to allow faster exposure containment.
  • SCADA also includes continuous monitoring and intrusion detection systems at each layer of operations and manual overrides to keep production running in the event of an attack, while severing remote connections to the network. This technique ensures that availability is not compromised.

Conclusion

            In a world of increasing technological integration, critical infrastructure is a lucrative target to attackers seeking ransomware payouts. SCADA systems now have more effective cybersecurity measures built in to prevent a large-scale attack and costly shut down of essential services.

References

Using SCADA To Protect Critical Infrastructure and Systems. SCADA systems Articlehttps://www.scadasystems.net

Kaaviya. CISA Warns of Hackers Attacking ICS/SCADA Systems in Oil and Natural Gas Companies. CISA.gov. https://cybersecuritynews.com/hackers-attacking-ics-scada-systems/

Leave a Reply

Your email address will not be published. Required fields are marked *