Research: Industrial Networks Are Vulnerable To Devastating Cyberattacks

Patrick O'Neill writes: New research into Industrial Ethernet Switches reveals a wide host of vulnerabilities that leave critical infrastructure facilities open to attackers. Many of the vulnerabilities reveal fundamental weaknesses: Widespread use of default passwords, hardcoded encryption keys, a lack of proper authentication for firmware updates, a lack of encrypted connections, and more. Combined with a lack of network monitoring, researchers say the situation showcases "a massive lack of security awareness in the industrial control systems community."

Industrial network

[hunter44102]

I work in a multiple plant system with geographic separation. Each plant operates independently. But its the geniuses on top that believe we need to some day run all plants from one location. (They also want to be able to see all the plants from anywhere). So we can very secure by keeping each industrial network separated and completely disconnected from each other and the outside world, OR we can make all plants vulnerable by interconnecting them and allowing big shots to see the plant operation from their phone.