While many think that a cyber attack via Remote Access may be more likely than using individuals onsite to support automation systems, it may be the opposite. The level of risk with Remote Access can be lowered due to a greater focus on vetting remote connections and software, while local resources can be infected by creative hackers in numerous ways.
Remote Access may be more secure, if architected adequately, by creating a check before any software or firmware is allowed into the plant.
Validating software prior to use
One area of concern whether the activity is performed locally or from a remote connection is validation that the software is free from any Trojan viruses. Regardless of the activity being remote or local, it is becoming of greater importance that security policies relating to version upgrades and software incorporate vetting before use. Whitelisting software and implementation of security best practices will become more critical to ensure that all software and version upgrades are free from malicious content.
Thechallenges to enabling remote access are many and require careful assesment of security, usage, and monitoring equipment. The variety of equipment vendors and age adds additional complexity. Many of the systems are old and may not be easily accessed either phusically or by a network. Complexity. Many of the sytems are old and may not be easily accessed either physically or by a network. Complicating matters is that some of the equipmenet was supported byt resoucrrces thathave retired. Large OEM equipment comprises complex mechanical and autamation ssytems that sometimes require expert analysis from the system developer. The result is increased costs associated with waiting for a technician to get on-site.