SCADA, which stands for Supervisory control and data acquisition, refers to control systemsthat are used to control general infrastructure, and as it stands, is a very viable method by which you can reduce vulnerabilities within critical infrastructure systems. Due to the nature of SCADA, it is quite useful, as it can allow many remote access control to systems, it’s connection to a supervisory system can prevent attacks, and the ability to coordinate processes together in real time.
Infrastructure.
Some critical infrastructure is simply too complex for management by people, but the alternative remains true as well, that some is too simple for us to be wasting time by having them managed by professionals. According to DPS Telecom, a fierce advocate of SCADA systems, they say that utilization of SCADA allows for reduction of “manual labor needed to check meters” and “improves routine operations and emergency response” (DPS Telecom). In a list of other big benefits that it gives, this is a key insight to the vulnerabilities that it provides, as you will note that it directly counteracts the issue of disgruntled employees that might trade off their passwords for some monetary benefit, and in the event of a cyberattack of some form, there are implemented emergency response guidelines in place. These things all together in conjunction could very well single handedly prevent some of the biggest vulnerabilities a piece of critical infrastructure might face.
Remote Access.
SCADA also provides remote access capabilities to workers, which allows for ease of access when it comes to its usage. It is interesting to note that in many situations, remote access would actually be more dangerous than onsite computers, but this may not be the case! You might be surprised to hear that the world of cybersecurity is getting more secure every day, and that remote access can be a safer method sometimes. In reading on the capabilities of remote access within SCADA systems, a website named AutomationWorld showed that SCADA remote access contains some of the best, and common methods used to secure remote access privacy; Virtual private networks and Multi-factor authentication systems (AutomationWorld). These might seem like simple tricks, but they are classics for a reason, and that is because they are simply very effective at what they aim to do.
Vulnerabilities.
Another one of the vulnerabilities common in Critical Infrastructure has to do with issues stemming from fears of cyberattacks on sensors themselves, within systems such as agriculture or water processing. Only two years ago, was an attack on a water treatment plant where a hacker attempted to poison the water within, and spread it out to parts of the San Francisco Bay area. A similar incident happened in a small town in Florida, where very much the same thing happened. Before the water was sent out, the change in composition was detected by sensors within the facility, on a different, local area network. As simple as it might seem, the separation of the two systems saved many lives in these incidents. SCADAlink discusses the nature of this separation, as sensors tend to exist as a simple form, with digital or analog input/output systems, and it is difficult to send them over a long distance in the way that they exist. Thanks to this intermediary system that breaks it down into a simpler approach for another computer, there is a comfortable buffer computer that prevents direct access to the machines in the field.
Conclusion.
These are some of the vulnerabilities that SCADA can protect in some critical infrastructure systems. As time goes on, SCADA will probably be steadily improved, and existing flaws will be replaced, making the IoT even safer. As it stands right now though, SCADA is still very good at covering some of these large vulnerabilities, making it a worthwhile investment.
References.
BenTek Systems. (n.d.). An introduction to SCADA. SCADALink. Retrieved March 26, 2023, from
https://www.scadalink.com/support/knowledge-base/an-introduction-to-scada/
Crump, J. (2021, June 18). Hackers tried to poison California Water Supply in major cyber attack.
Newsweek. Retrieved March 26, 2023, from https://www.newsweek.com/san-francisco-water-plant-
hack-cyber-attack-poison-supply-1601798
DPSTelecom. (n.d.). How is SCADA used for water systems? SCADA Use for Water Systems.
Retrieved March 26, 2023, from https://www.dpstele.com/insights/2020/01/21/how-is-scada-used-for-
water-systems/
Greenfield, D. (2022, February 8). Managing the risk of remote SCADA ACCESS | Automation World.
Automation World. Retrieved March 26, 2023, from
https://www.automationworld.com/factory/iiot/article/22043595/managing-the-risk-of-remote-scada-
access
Leave a Reply