We all know that remote control, aka “Remote Desktop Protocol” (RDP) in the IT world, can save precious time and footsteps when a tech needs to make changes to a server—especially in these times of COVID-19 keeping people operating out of their homes. We also know that remote ports on OT skids and controls equipment can help engineers with both maintaining and tweaking equipment to keep it running at its best. That’s why in many cases these remote ports on OT equipment are cellular (private) to guard against casual connections, and why some food processors still leave the LAN cable unplugged from the machine port unless it’s needed for maintenance.
However, with RDP falling into common use in the IT world, and with so many industrial controllers using Windows or even UNIX/Linux-based operating systems (OSs), employing RDP without safeguards on either Windows or Linux platforms can potentially open a path into a control system for a hacker or would-be extortionist—kinda like the inverse of Pandora’s box.