WP-024-2020: The risk of using web interfaces remotely

ENCS recommends to avoid remotely managing field devices, such as RTUs, gateways, and data concentrators, through a web interface. Engineers commonly use a web interface to configure and maintain devices, as they provide easy access. But by using it they may inadvertently help to spread attacks.

Attackers can hop from one field device to many others through the engineer’s web browser. The attack would consist of two steps, explained in this whitepaper:

Physically attack one field device to insert code into the web interface
Trick the browser into making unwanted changes on other devices

This type of attack is hard to counter, as attackers have many options for each step. It can have large impact, as it scales a physical attack on one device to many other devices. Hence, ENCS recommends managing field devices through other means than web interfaces.

Download this document (members only)

Download document

"*" geeft vereiste velden aan

Dit veld is bedoeld voor validatiedoeleinden en moet niet worden gewijzigd.