Critical Infrastructure systems are associated with several threats and vulnerabilities. The
threats can be classified into three categories: natural phenomena, technical hitches and human
errors. These threats are likely to be amplified by key vulnerabilities. For example, one of the key
vulnerabilities to critical infrastructure is geographical location. In most cases, these infrastructures
are concentrated in on location. In case of a natural phenome threat such as an earthquake,
many of these systems will be impacted on concurrently. This creates massive disturbances.
Another vulnerability is the use of interconnected systems to control all the infrastructure though a
human user interface. This makes them vulnerable to both technical failure and human threats.
Human threats include acts of cyber terrorism. If all the critical infrastructure is controlled from a
single point interface, then an attack at this point puts all the systems at risk.
SCADA is fast recognizing the fact that critical infrastructure systems cannot be protected
solely by the VPN or because they can be secured physically by guards. It is also possible that a
threat can come from the inside or that the physical protection system might be overpowered. As
for VPN, it is possible for computer viruses which might be introduced unintentionally to overwrite
these safety measures and introduce vulnerabilities. This is especially in cases of packet control
protocols where the sender of the packets has the capacity to control the systems. To address
these problems, the creators of these systems are creating specialized industrial VPNs together
with firewall solutions. These are systems that apply TCP/IP and additional white listing solutions.
These solutions have the capacity to recognize and block any application for unauthorized
changes.