SCADA Systems

Posted by aelli054 on

In this write-up you will use the SCADA SystemsLinks to an external site. article, along with your own research, to explain the vulnerabilities associated with critical infrastructure systems, and the role SCADA applications play in mitigating these risks.

Keeping Critical Infrastructure Safe

“SCADA systems are also used for monitoring and controlling physical processes, like the distribution of water, traffic lights, electricity transmissions, gas transportation and oil pipelines, and other systems used in modern society” (Scada Systems, p. 6). These systems must have tight security, as they are vulnerable to security attacks by cybersecurity criminals. An incident at one of the locations could cause great harm or loss of lives.

Packet Control Protocols

            This class has taught us cybersecurity criminals are one step ahead of what is being protected. The biggest threat to packet control protocol is that it is easy for cybersecurity criminals to control the entire system. “In numerous cases, there remains less or no security on actual packet control protocol; therefore, any person sending packets to a SCADA device is in a position to control it” (Scada Systems, p. 6). This can be fixed by ensuring the packet is authenticated before the packet is received. SCADA can use firewalls to block suspicious packets. SCADA can use firmware updates to mitigate this risk.

Unauthorized Access

            Another threat is unauthorized access to the system. Now that the SCADA is using the third-generation system, the system is open to being hacked by the internet. The SCADA can use user roles to mitigate this risk. “Authorization allows an entity to access and perform determined actions regarding data. In order to be effective, authorization should be based on the roles that an entity may have” (de Oliveira Albuquerque, 2014, p. 22760).  In 2021, a hacker gained access to a water facility in Florida. The hacker used unauthorized access to change the chemical mixes. This type of unauthorized access could have been fatal. The water company should use two-factor authentication. They should have a robust system of password requirements. They should separate operational networks. Lastly, they should ensure that only those who need those user roles have them.

Conclusion

         SCADA systems protect important infrastructure and must be protected at all costs. If they are not protected, it can be fatal or have serious consequences. Consequences could result in loss of trust in business, lawsuits, loss of money, and even concerns of more cyber-attacks.  Simple solutions of training, employee awareness, audits, encryption, authentication, and updated software can make a difference in protecting critical infrastructure.

References:

Adefemi Alimi, K. O., Ouahada, K., Abu-Mahfouz, A. M., & Rimer, S. (2020). A Survey on the

Security of Low Power Wide Area Networks: Threats, Challenges, and Potential Solutions. Sensors (14248220)20(20), 5800. https://doi-org.proxy.lib.odu.edu/10.3390/s20205800

SCADA Systems, http://www.scadasystems.net





Leave a Reply

Your email address will not be published. Required fields are marked *