Cyber Security is Everyone’s Job
In 2003, Red Lion Controls introduced the G3 series of operator interfaces – one of the first industrial HMIs to include an embedded web server. The success of the G3 resulted in the development of other web-enabled products, such as the Data Station Plus and Modular Controller series. These products have allowed countless customers to remotely access their equipment and assets, lowering their operational costs and improving efficiency.
Red Lion’s products use a proprietary operating system, which greatly reduces the likelihood of hackers exploiting known security issues of the kind common in commercially available, widely distributed operating systems. Indeed, the now-famous Stuxnet virus was able to attack Siemens’ software by taking advantage of several zero-day security vulnerabilities within the ubiquitous Windows operating system.
While Red Lion believes that using our own proprietary operating system provides a higher level of security than readily available operating systems, it does not mean that our products, or your equipment, are completely safe from attack. Therefore, Red Lion has always stressed to our customers that they should take security precautions.
We were recently reminded of the importance of advanced security measures when we were contacted by the Industrial Control Systems Cyber Emergency Response Team, part of the U.S. Department of Homeland Security. An independent researcher had contacted ICS-CERT to report an “exposed system”, which contained a Red Lion G3. The researcher had found the G3 using a relatively simple method, and discovered that no usernames or passwords were configured to prevent access to the system!
During subsequent calls, it was determined that the system was configured to allow monitoring only, rather than full control. Regardless, we thought it best to use this occurrence as a reminder of the importance of security, and of the dangers posed by cyber-attacks on industrial equipment and critical infrastructure.
Red Lion recommends the following steps:
- Critical and safety-related devices should not directly face the Internet
- Create and use strong usernames and passwords – do not use default values
- Use Crimson’s IP filter to limit server access
- Consider the use of an external firewall
Red Lion takes cyber-security seriously, and will continue to work with ICS-CERT and our customers to prevent system attacks. If you have any questions, feel free to contact us. To report an exposed system, or to learn more about ICS-CERT, visit http://www.us-cert.gov/control_systems/ics-cert/.