If your password is “123456”, “password”, or “111111”, then you are at risk or your FCCU and Refinery are because those are among the 50 most common passwords that hackers find it trivial to guess. There’s lots of movies about cyber security: kids hack into government systems for fun, terrorists cause a nuclear meltdown, villains seek to take over the world. In real life this December, Sony and theaters pulled a movie “The Interview” because terrorists hacked into their computers via the internet/the cloud and threatened to expose confidential data.
Let’s bring it closer to home. How do you maintain cyber security at your plant. Here’s a couple of places to begin.
Start with stronger passwords.
As a software engineer at a major refinery, I often observed employees typing in the same letter 8 times or simply dragging their thumb across the keyboard. Yet, it’s simple to use a tool like LastPass which encrypts passwords and remembers them so you don’t have to. Learn some simple techniques that anyone can use to create complex, yet easy to recall passwords. View “How To Run Your Business On Cloud Systems”, https://www.udemy.com/how-to-run-your-business-on-cloud-systems by Dr. Matthew Dunn, Chief Explainer, SayItVisually.com. Look for “The Top-Secret Better Password Management Approach”.
Control your environment.
According to Mark Bristow, Chief, ICS-CERT Team Incident Response, U.S. Department of Homeland Security, control systems are becoming increasing vulnerable to outside cyber attacks. “Humans are a huge vulnerability, and they’re perhaps the most difficult to mitigate,” Bristow said. “Employees, systems integrators and vendors can unwittingly compromise your network due to outside technology, like USBs and laptops.”
I’ve personally experienced the vulnerability. At the RefComm conference, we occasionally get a last minute update to a presentation. More than once, we caught a virus on the USB drive (memory stick) that the presenter gave us. The Powerpoint file was downloaded from their company computer which makes their process control network vulnerable.
Learn more about your risks and how to protect yourself at this free webinar: “Where Cyber Security and Process Safety Meet” offered by Schneider Electric on January 27 at 8:00 and 14:00. They will address where cyber security and process safety are similar; where they are different and what integration initiatives companies and standards bodies are already considering.
And don’t forget to change to a stronger password on your computer.