I am including this list of recommendations in the hopes that readers will take action to protect their networks. If you only do these eight things, I estimate that you will reduce your vulnerability by 90 percent.
Discontinue Remote Connections to the BCS
Granted, the building maintenance personnel and equipment vendors want to access the equipment from the comfort of their recliner at home. So does the hacker. I have yet to see a BCS that does not have remote access. I asked an engineer once if his building had remote access. He said “No.” I asked to ...