{"id":296,"date":"2025-04-25T17:12:17","date_gmt":"2025-04-25T17:12:17","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/matthew-harris\/?p=296"},"modified":"2025-04-25T17:12:17","modified_gmt":"2025-04-25T17:12:17","slug":"scada-systems","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/matthew-harris\/2025\/04\/25\/scada-systems\/","title":{"rendered":"SCADA Systems"},"content":{"rendered":"\n<p><strong>BLUF  <\/strong><br>SCADA systems and critical infrastructure typically contain inherent vulnerabilities that, <br>if ignored, can lead to cyber attacks. The constant growth of technology and the increasing rise <br>of cyberattacks emphasize the necessity of developing sufficient mitigation strategies. Examples <br>of common mitigation strategies or technologies include firewalls, intrusion prevention and <br>detection systems, passkeys, continuous security monitoring, segmentation strategy, and <br>multifactor authentication. <br><strong>Introduction  <\/strong><br>SCADA systems are defined as Supervisory Control and Data Acquisition systems <br>responsible for monitoring and controlling industrial control processes. For example, power <br>generation plants integrate SCADA technologies to record voltage levels, accumulated energy <br>levels, and events that occur throughout the power generation process. Ultimately, the function of <br>the SCADA system is to enable control and monitoring of various aspects of a critical process. <br>Vulnerabilities Within Critical Infrastructure <br>Systems                                                               <br>The primary issue with many critical infrastructure systems is that they commonly use <br>legacy software or hardware devices incompatible with modern patches to known vulnerabilities. <br>Additionally, SCADA systems integrated alongside these critical processes have their collection <br>of separate vulnerabilities, ultimately increasing the attack surface of the information technology <br>system. (Wali and Alshehery, 2024) surveyed and found four principal vulnerabilities in the <br>connectivity between SCADA systems and Cloud services: shared infrastructure risks, malicious <br>insiders, and SCADA protocol security weakness.  <br><strong>Mitigating Cyber Threats <\/strong><br>According to (Brown, 2020), many SCADA users believe that simply having a VPN is <br>enough. In the article, Brown also talks about how SCADA vendors are developing Industrial <br>VPN and firewall solutions for networks based on TCP\/IP. However, other ways to mitigate <br>cyberattacks include using NIDS and NIPS. NIDS is a network intrusion system that detects <br>cyberattacks. NIPS is network intrusion prevention and can block threats. Firewalls have been a <br>staple technology used to improve the security posture of SCADA systems throughout history <br>and remain an effective risk mitigation strategy today. Implementing encryption to prevent data <br>theft in case there is a cyber attack. Multifactor authorization is another way to mitigate <br>cyberattacks, such as mitigating phishing-style cyber attacks and adding another layer of <br>protection against insider threats. Security audits and routine updates are needed to stay up with <br>modern cyber security. Using a segmentation strategy to divide the network or system is a key <br>function in isolating sections to limit the spread of cyberattacks.    <br><strong>Conclusion   <\/strong><br>Critical infrastructure systems and the SCADA systems within them are targets because <br>they are at risk of being cyber attacked and can threaten national security. By using the <br>mitigation strategies discussed, critical infrastructure and SCADA systems can maintain <br>operational integrity and defend against cyber attacks.<\/p>\n\n\n\n<p><strong>Reference Page<\/strong><\/p>\n\n\n\n<p>Wali, A., &amp; Alshehry, F. (2024, April 11). <em>A survey of security challenges in cloud-based SCADA systems<\/em>. MDPI. https:\/\/www.mdpi.com\/2073-431X\/13\/4\/97<\/p>\n\n\n\n<p>Brown, P. (2020, December 6). <em>Using SCADA to Protect Critical Infrastructure and Systems<\/em>. Cyberpaul. https:\/\/sites.wp.odu.edu\/cyberpaul\/2020\/12\/06\/using-scada-to-protect-critical-infrastructure-and-systems\/<\/p>\n","protected":false},"excerpt":{"rendered":"<p>BLUF SCADA systems and critical infrastructure typically contain inherent vulnerabilities that, if ignored, can lead to cyber attacks. The constant growth of technology and the increasing rise of cyberattacks emphasize the necessity of developing sufficient mitigation strategies. Examples of common mitigation strategies or technologies include firewalls, intrusion prevention and detection systems, passkeys, continuous security monitoring,&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/matthew-harris\/2025\/04\/25\/scada-systems\/\">Read More<\/a><\/div>\n","protected":false},"author":30663,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/matthew-harris\/wp-json\/wp\/v2\/posts\/296"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/matthew-harris\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/matthew-harris\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/matthew-harris\/wp-json\/wp\/v2\/users\/30663"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/matthew-harris\/wp-json\/wp\/v2\/comments?post=296"}],"version-history":[{"count":2,"href":"https:\/\/sites.wp.odu.edu\/matthew-harris\/wp-json\/wp\/v2\/posts\/296\/revisions"}],"predecessor-version":[{"id":300,"href":"https:\/\/sites.wp.odu.edu\/matthew-harris\/wp-json\/wp\/v2\/posts\/296\/revisions\/300"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/matthew-harris\/wp-json\/wp\/v2\/media?parent=296"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/matthew-harris\/wp-json\/wp\/v2\/categories?post=296"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/matthew-harris\/wp-json\/wp\/v2\/tags?post=296"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}