This paper addresses an often overlooked “backdoor” into critical
infrastructure control systems created by modem connections. A modem’s
connection to the public telephone system is similar to a corporate network
connection to the Internet. By tracing typical attack paths into the system, this
paper provides the reader with an analysis of the problem and then guides the
reader through methods to evaluate existing modem security. Following the
analysis, a series of methods for securing modems is provided. These methods
are correlated to well-known networking security methods.