Today’s Data Centers are vulnerable, exposed, and at high risk. Despite the increased threat of cyber attack around the world, most Data Centers have no Industrial Controls security policies in place. Vulnerabilities are everywhere. Security apertures can be opened by seemingly benign activities such as ping sweeps, use of sophisticated software applications, and, of course, by the use of default passwords.
Inside risks are exacerbated by convenience ports and weak control-system computers, which are often running back versions of Windows. Convenience ports enable the appearance of non-industrial traffic on the industrial system, which could introduce malware and provide additional attack apertures. Data Centers present diverse environments that weren’t intended to be connected to networks or the Internet. So standard IT security practices are ineffective.