Brandon Vuono 

CYSE 200T 

SCADA Systems Write up 

12 April 2026 

Critical Infrastructures Hidden Vulnerabilities 

Critical infrastructure runs the world we all rely on today. This infrastructure includes essential systems such as power grids, water treatment, transportation networks, and many more systems that are critical to the everyday operations of society. While these systems are needed for everyday society, their reliance on technology and automation is something that should make cybersecurity professionals lose sleep at night. Many of these critical infrastructure systems rely on SCADA (Supervisory Control and Data Acquisition). SCADA monitors and controls operation in real time. SCADA is engineered to make things easier and more efficient. SCADA has not changed much since its implementation into these systems. This creates a vulnerability due to such an outdated system running critical systems for society. This calls for the need for protection and vulnerability testing on SCADA to run critical systems. 

The biggest vulnerability is the fact that SCADA is an old technology. SCADA was designed and implemented decades ago before cyber-attacks were a concern. With that there was never any major security systems implemented such as encryption or dual authentication, and many of the security measures that are second nature to us today. Systems that were isolated from themselves now connected to larger systems or even the internet. This creates an increase in efficiency for these systems but also creates more entry points for cyber-attacks (SCADA Systems Perusal article). For example, SCADA systems can do tasks such as monitoring the electric grid for stability or monitoring the water treatment plants for flow rates. If these SCADA systems are compromised, an attacker could disrupt operations of these systems, manipulate the data, or cause their systems to malfunction, creating physical damage.  

To prevent these risks from becoming avenues for an attacker SCADA although old can help with its real time awareness. Looking at real time monitoring and controlling the systems that run on SCADA, operators would be able to identify any abnormalities before they escalate. This will help reduce the likelihood of major attacks or disruptions in operations of these critical systems. According to the Cyber security infrastructure security agency, using a layered security approach often called defense in depth is one of the most effective ways to protect industrial control systems (CISA, 2023). This is accomplished by using SCADA and human operators to monitor the system.  

In conclusion, critical infrastructure systems are vulnerable to cyber-attacks due to their outdated technology. Along with the increased connectivity of systems and human interaction. By improving the Cybersecurity measures updating these legacy systems and increasing awareness amongst the human operators, organizations can reduce risk of attacks. This will better protect the critical systems society relies on every day.  

References  

Cybersecurity and Infrastructure Security Agency. (2023) Cybersecurity best practices for industrial control systems. 

SCADA Systems Perusal Article