Write-Up – SCADA Systems

Posted by mhast005 on

Moriah Hasty

November 5, 2022

CYSE 200T

Write-Up: SCADA Systems

The ins and outs of SCADA

SCADA is a software application that is used to mitigate risk within critical infrastructures. Due to critical infrastructures being targets for cyberwarfare and terrorism attacks. This paper will discuss the vulnerabilities of critical infrastructures and how SCADA is used to mitigate those risks.

Vulnerabilities within critical infrastructure systems

There are numerous risks within critical infrastructure systems. Critical infrastructures are vulnerable to cyberterrorism and cyberwarfare attacks due to hackers trying to gain access to an industries industrial control system. According to Edry, “hackers are becoming much more interested in operational technology, the physical connected devices that support industrial processes,” and “the vulnerability and lack of knowledge of operational technology is the most dangerous thing today” (Cyber attacks on Critical Infrastructure, 2016). Some of the vulnerabilities that could leave an industry at risk are weak physical protection, weak devices with limited computational power, and inadequate security for engineering cyber systems that are typically five to ten years behind. The most common way for these systems to be attacked is due to little to no “security on actual packet control protocol; therefore, any person sending packets to a SCADA device is in a position to control it” (SCADA systems).

SCADA’S risk mitigation plan

Supervisory control and data acquisition, also known as SCADA, is a software application used to control and protect industrial operations. This software is used by industries to mitigate risk within critical infrastructure systems. SCADA networks mitigate these risks by “developing specialized industrial VPN and firewall solutions for SCADA networks that are based on TCP/IP” (SCADA systems). In doing this, the VPN creates a secure connection when accessing restricted sites, and the firewall creates the restriction. SCADA also implements whitelisting, which is “a cybersecurity strategy under which a user can only take actions on their computer that an administrator has explicitly allowed in advance.” Instead of trying to keep one step ahead of cyberattackers to identify and block malicious code, IT staff instead compiles a list of approved applications that a computer or mobile device can access” (Fruhlinger, Whitelisting explained: How it works and where it fits in a security program 2020).

Conclusion

In conclusion, there are plenty of vulnerabilities associated with the critical infrastructure due to weak physical protection and few firewall options. The SCADA mitigates the risk and limits the industries vulnerability. Through the use of vpn firewalls and whitelisting, the infrastructure is set up to protect themselves against those risks.

References

SCADA systems. SCADA Systems. (n.d.). Retrieved November 5, 2022, from http://www.scadasystems.net/ 

Cyber attacks on Critical Infrastructure. AGCS Global. (2016, June). Retrieved November 5, 2022, from https://www.agcs.allianz.com/news-and-insights/expert-risk-articles/cyber-attacks-on-critical-infrastructure.html Fruhlinger, J. (2020, June 17). Whitelisting explained: How it works and where it fits in a security program. CSO Online. Retrieved November 5, 2022, from https://www.csoonline.com/article/3562429/whitelisting-explained-how-it-works-and-where-it-fits-in-a-security-program.amp.html

Leave a Reply

Your email address will not be published. Required fields are marked *