Keep your electronic gateways safely protected
15 September 2008
Hearing about government departments loosing vast quantities of data by mislaying memory sticks has presented a timely reminder to anyone involved in running IT based industrial control systems. If your data is not secured, then you risk loosing it and perhaps allowing unwelcome attacks on your system because a hacker has been granted access through an unprotected gateway.
USB memory sticks are easily lost
A sensibly encrypted password system would thwart the efforts of the average hacker and thus maintain system security so Industrial users of Wi-Fi communication systems must use encrypted access codes. Simple passwords are too easy to crack. An attacker could be sitting in a car just outside the perimeter fence but still in Wi-Fi range. With a simple laptop and word generation package, it would be simple to find a password in a matter of seconds.
Once through the wireless gateway, the hacker has full access to whatever system lies behind. It may only be plant monitoring and alarm handling at the moment but sometime in the near future, it could be total plant control.
The best plan is to make it hard to find the password. Adding numbers and symbols to the password increase the time it takes for a word generator to come up with the right combination of alphanumeric characters. A dictionary package can find a simple word in minutes. With added characters in the password, minutes become hours and days. With full encryption, the task is pretty much impossible.
If we all guarded our data, loosing a stick would not represent a security catastrophe. Someone finding a memory stick on the train would then only have one option. Format the stick and load up the holiday snaps for convenient future viewing. Loosing information on a memory stick is careless. Not having the data stored unprotected should be criminal.
If you've a view on this article, please drop the editor a line via the e-mail link below.