WP-024-2020: The risk of using web interfaces remotely

  • Create Date August 5, 2020
  • Last Updated August 5, 2020

ENCS recommends against remotely managing field devices, such as RTUs, gateways, and data concentrators, through a web interface. Engineers commonly use a web interface to configure and maintain devices because it provides easy access, but by using it they may inadvertently help to spread attacks.

Attackers can hop from one field device to many others through the engineer’s web browser. The attack would consist of two steps, explained in this whitepaper:

  1. Physically attack one field device to insert code into the web interface
  2. Trick the browser into making unwanted changes on other devices

This type of attack is hard to counter, as attackers have many options for each step. It can have a large impact, as it scales a physical attack on one device to many other devices. Hence, ENCS recommends managing field devices through means other than web interfaces.

Attached Files

File
WP-024-2020 The risk of using web interfaces remotely v1.0.pdf