Systems relied on by most critical infrastructure organizations for adjusting and monitoring switching, for manufacturing of goods, and for other kinds of process-control activities—based on feedback collected by sensors. A number of security experts think that these systems may be vulnerable to crack attacks; thus, their role in controlling the critical infrastructures may actually make them attractive targets for cyberterrorists.
Though SCADA systems previously used only proprietary computer system software, with their operations largely confined to isolated networks, today’s SCADA systems operate using commercially available software, thus increasing their vulnerability to exploitation. Moreover, more SCADA systems are being linked through the Internet directly into corporate headquarters’ computer systems. For these reasons, certain experts believe that the SCADA systems are not sufficiently protected against a crack attack. Other security experts disagree, saying that the SCADA systems are not only more robust than previously thought but also more resilient than they were before. Thus, if the systems were attacked, they would recover quickly.
Wilson, C. CRS Report for Congress: Computer Attack and Cyberterrorism: Vulnerabilities and Policy Issues for Congress. [Online, October 17, 2003.] CRS Report Website. http://www.fas.org/irp/crs/RL32114.pdf.