Industrial control system and supervisory control and data acquisition (SCADA) go hand in hand in the regulation of critical infrastructure systems such as water treatment, wastewater treatment, and windfarms. The purpose of SCADA is to “maintain efficiency, process data for smarter decisions, and communicate system issues to help mitigate downtime.” For instance, if there is an irregularity in the system for water treatment, the SCADA system records this data, timestamps it, and sends it over for an operator to review the irregularity to prevent it from repeating.

But while many companies have adopted the system, there are many instances where vulnerabilities to the infrastructures systems are revealed. Some of these vulnerabilities include human interference with the system itself, such as a virus making unauthorized changes or causing the system itself to malfunction. Another important vulnerability that comes with the systems is the age of the age of the software. Since many systems are preconstructed to make it easier for configuration, there tends not to be up-to-date security measures such as user authentication, in turn empowering those who would choose to attack the critical infrastructure. The third of the common weaknesses in the system would be the access to packets. Employers of SCADA are under the false belief that using a virtual private network (VPN) is enough protection when it comes to sending packets. This leads to the packet itself having insufficient security, which can lead to anyone gaining access to there packets via physical means.

To tackle some of these weaknesses in the system, users of SCADA have made updated to their system to combat these attacks. One of these updates being the creation of a specialized VPN and firewalls that prevent outside interference. Another is a white-listing system to reduce the possibility of a person’s unauthorized changes to the system.

Sources:
• Pierluigi, P. (2021, March 24). SCADA & security of critical infrastructures [updated 2020]. Retrieved April 04, 2021, from https://resources.infosecinstitute.com/topic/scada-security-of-critical-infrastructures/
• What is SCADA? (n.d.). Retrieved April 04, 2021, from https://www.inductiveautomation.com/resources/article/what-is-scada