The widespread use of modems is driven by the need for for vendor support, polling, configuration of remote devices, and for providing remote connectivity to remote systems for engineering and IT support. However, modems represent an often overlooked backdoor to control systems and networks that can be exploited by hackers.
In a publication by Homeland Security’s National Cyber Security Division, “Recommended Practice for Securing Control System Modems”, methods for securing dial-up modems are addressed. It states that, ” In general the dial-up PSTN is the least secure as it exposes a modem to the equivalent of world-level Internet access. As a result, this communication point can be accessed from anywhere in the world by anyone with a modem and may be vulnerable to attack.“
One security method presented in the paper is a telephony firewall. All of Multi-Link’s line sharing devices, in addition to cutting costs, allow the end-user to secure access to telephony devices with programmable security access codes(SAC). These SAC’s can be configured differently for each port. Our most robust product from a security standpoint is the Polnet ACP with 7 digit SAC’s that would effectively provide a stand-alone firewall for dial-up modems.
Another method for controlling connections is to control its power supply, powering up the modem for use and then powering down when access is no longer required. The Power Stone is ideal for this procedure with its automatic power-on-call feature. Devices plugged in to the Power Stone can be turned on for the duration of the call and turned off after disconnect. SAC’s are used for manual operation and remote programming.
It is highly recommended to audit and document all known modems and faxes for the purpose of not only cost reduction, but for the sake of closing any backdoors into a company’s telecom and IT networks.