Every security officer views remote connections to corporate systems as a potential threat. For infosec experts at industrial enterprises, and especially at critical infrastructure facilities, the threat feels very real.
You can’t blame them for being cautious. Industrial enterprises, for which downtime can mean damage in the millions of dollars, are tempting targets for cybercriminals of all stripes. Ransomware operators are constantly on the lookout for open RDP connections they can use to infect industrial systems. Employees with publicly known e-mail addresses often receive phishing emails with links to Trojans that provide remote access to attackers. Cybercriminals also keep an eye on HVAC operators, which sometimes connect remotely to the heating, ventilation, and air conditioning systems that operate in industrial environments.