Craig Abbott, who is Regional Manager for SE Asia for a significantly large SCADA division of a whopping big automation supplier but is speaking here on his own hook, wrote to the SCADA list:
Note: I believe he is wrong in one respect...an iPod is not just a hard drive, it is an internet enabled server. Think about that, as you read what Craig wrote.
Sneaker net, for those unfamiliar with the term, is the transfer of data between systems on foot (ie: sneakers). Due to lack of any other connectivity, it's sometimes faster to simply transfer data between two machines using a storage device (8" floppies and up). Nowadays, people want to transfer larger amounts of data and use larger devices such as iPods and other GB sized mp3 players that, for all intents and purposes, are external hard drives.
Consider that to make a system "safe" it's standard practice to heavily firewall, or completely disconnect SCADA servers from any external network. Most workstations will also have external connections (such as floppy drives and CD bays) removed to limit access to the system. This makes it hard for people to actually get data off the system for review, which someone will want to do eventually.
If its too difficult to get the data out by any other means, out comes the iPod and the data transfer occurs by sneaker net. Rather than listening to the last music track, the staff member will consider their action as a legitimate use of the system - they need access to the data for review, it's part of their job. As soon as they plug it in, all your defense systems are bypassed and you may have severe problems on your hands.
I know clients that now ban USB sticks in the control room, unless issued by the Sys Admin, and even then for a single use only. Honestly, who hasn't been handed an infected floppy disc or USB stick in the past? My virus protection software has protected me several times that I am aware of, popping up warnings and locking access to files or entire discs. Incompatibilities with what's seen as a data transfer tool (iPod) and a brand new OS (Vista) will just add to the things we need to be vigilant for. The last post on a file trawler is also concerning.
I think that this forum is a great place to raise awareness of potential issues with new server Operating Systems. We may think that the worst would never happen, but I am sure that it will happen to someone.
Craig Abbott
Leaders relevant to this article: