Supervisory Control and Data Acquisition (SCADA) provides real-time monitoring and control capabilities that allow the operators to identify suspicious activity and take corrective actions as soon as they catch them. (Industrial C.I.). They monitor the Critical Infrastructure Systems are very important in our day to day by keeping essential services like electricity, water, transportation, and communication running efficiently. However, these systems are complex, and it makes them vulnerable to attacks from both physical and cyber. This is where SCADA and these Critical Infrastructure Systems come together.
SCADA ensures security and reliability to these systems. However, these systems are increasingly vulnerable to cyber-attacks which can have catastrophic consequences. Some threats faced by SCADA system is unauthorized access to software and access to the network segments that host SCADA devices. Some security features that are implemented within SCADA include user authentication, data encryption, and intrusion detection systems that help them prevent attacks.(SCADA S.)
Some vulnerabilities in Critical Infrastructure Systems are Cyber-Attacks due to the important and connection with nature, if under attack and the hackers get inside the system this could cause disruption of the critical systems. The attackers could steal sensitive information or even cause physical damage. A way of mitigating this through SCADA is how they provide real-time monitoring, constantly collecting data and detecting unusual activity that may be an indication of an attack.
Another vulnerability seen in the Critical Infrastructure is human error. By human error its saying that poor security practices, or insider threats can inadvertently compromise system integrity and expose vulnerabilities to personnel or outsiders with bad intentions. SCADA systems mitigates this vulnerability by enabling remote control and automation of critical infrastructure processes, this reduces the use of human touch on this system and minimizes the risk of relying on human intervention, at the end just preventing human errors on the infrastructures.
From my research I found an article called “SCADA: Industrial Network Protocols Explained” by WireX Systems and it included an example on an attack on SCADA. Back in 2015 a cyberattack on a power grid in Ukraine left thousands of customers without electricity, these attackers used a spear-phishing email that led them to gain access into the network of the power distribution companies. Access to those networks led them to entering the SCADA systems and disconnecting electrical substations causing widespread blackouts. This attack is notable as one of the first successful cyberattacks on a nation’s power grid(WireX). Some ways that SCADA has created mitigations efforts to improve their security system and involving less human contact will prevent another cyberattack like this to occur so easily.
In conclusion I believe that SCADA systems are a crucial tool for protecting the critical infrastructure and preventing future physical or cyber-attacks. While they also introduce some vulnerabilities their capabilities and security features play a crucial role in mitigating risks and ensuring the smooth operation the services provided from each infrastructure. While attacks on these infrastructure are only increasing is always good to come up with better ways to better this system and protect our day-to-day services.