Effectiveness of SCADA System Security Used Within Critical Infrastructure
This paper addresses the critical problem of cybersecurity vulnerabilities in SCADA systems for operators of critical infrastructure, highlighting that even isolated systems are at risk.
This paper investigates the security of SCADA systems within critical infrastructure, hypothesizing that increased interconnectivity between corporate and SCADA networks poses significant risks. The study, focusing on past global attacks in Iran and Ukraine, found that while interconnectivity is a major factor, even isolated critical infrastructures remain highly vulnerable due to inherent risks within SCADA controllers and protocols.
Since the 1960s Supervisory Control and Data Acquisition (SCADA) systems have been used within industry. Referred to as critical infrastructure (CI), key installations such as power stations, water treatment and energy grids are controlled using SCADA. Existing literature reveals inherent security risks to CI and suggests this stems from the rise of interconnected networks, leading to the hypothesis that the rise of interconnectivity between corporate networks and SCADA system networks pose security risks to CI. The results from studies into previous global attacks involving SCADA and CI, with focus on two highly serious incidents in Iran and Ukraine, reveal that although interconnectivity is a major factor, isolated CIs are still highly vulnerable to attack due to risks within the SCADA controllers and protocols.