Rockwell Stratix routers have been found to be vulnerable to a Cisco zero-day exploit, according to a security advisory from Rockwell Automation. The advisory, titled “PN1653 | Stratix® 5800 & 5200 vulnerable to Cisco IOS XE Web UI Privilege Escalation (Active Exploit),” warns that the vulnerability exposes the routers to potential security breaches that could compromise the integrity and confidentiality of the affected systems.
In response to this discovery, Rockwell Automation has urged its customers to take immediate action to address the vulnerability. The company has provided instructions on how to mitigate the risk, including updating the router firmware to the latest version and implementing access control measures to protect the system from unauthorized access.
The vulnerability highlights the importance of robust cybersecurity measures in industrial control systems (ICS), particularly in the context of critical infrastructure. The potential consequences of a successful exploit in these systems can be severe, ranging from disruption of operations to compromise of safety protocols.
This issue was discussed at the recent ICS Cyber Security Conference, organized by SecurityWeek. The conference provided a platform for experts and industry professionals to examine the latest threats and trends in ICS cybersecurity. Among the topics discussed was the increasing number of malware attacks targeting IoT devices, which have seen a staggering 400% increase in recent years.
The Zscaler ThreatLabz 2023 Enterprise IoT and OT Threat Report, referenced during the conference, shed light on the rise of these attacks. The report highlighted that the increasing connectivity of IoT devices, coupled with lax security practices, has made them prime targets for cybercriminals. The report called for organizations to strengthen their defense mechanisms and adopt a proactive approach to securing their IoT infrastructure.
In a related news story, a nuclear power plant operator in the UK has been cited for its inadequate cybersecurity plan. The operator’s strategy was found to be lacking in key areas, including risk assessment and incident response procedures. The citation serves as a wake-up call to operators of critical infrastructure, emphasizing the need for robust cybersecurity measures to protect not only their own operations but also the safety of the general public.
Meanwhile, the Cybersecurity and Infrastructure Security Agency (CISA) continues to play a crucial role in highlighting vulnerabilities and providing guidance to organizations. CISA recently issued several advisories related to industrial control systems (ICS). These advisories serve as warnings and offer recommendations to mitigate risks associated with specific products and systems.
One of the advisories focused on Hitachi Energy’s RTU500 Series Product, providing an update to address a previously identified vulnerability. The update aims to enhance the security of the product and prevent potential exploits. Additionally, CISA released nine other advisories, covering various ICS vulnerabilities, highlighting the breadth of security concerns within critical infrastructure.
In other news, Rockwell Automation and Dragos, a cybersecurity firm specializing in industrial control systems, announced a partnership aimed at strengthening ICS cybersecurity for manufacturers. The collaboration will leverage Dragos’ expertise in threat intelligence and Rockwell Automation’s industry-leading automation solutions to provide enhanced security capabilities.
The partnership comes at a time when organizations are increasingly recognizing the need to bolster their cybersecurity measures in response to evolving threats. The collaboration between Rockwell Automation and Dragos demonstrates a proactive approach to addressing these challenges and underscores the importance of industry cooperation in safeguarding critical infrastructure.
In an interview, Garrett Bladow, a Distinguished Engineer at Dragos, highlighted the criticality of active visibility into OT (operational technology) systems. Bladow emphasized the importance of real-time awareness of potential threats and vulnerabilities in industrial networks to enable effective incident response and mitigation strategies.
Furthermore, in the Learning Lab segment, Mark Urban, in discussion with Paul Lukoskie, Dragos’ Director of Intelligence Services, delved into the topic of cyber threat intelligence. Lukoskie shared insights into the role of threat intelligence in identifying and mitigating cybersecurity risks, highlighting the importance of proactive defense measures.
To stay updated on the latest developments in OT cybersecurity, Control Loop offers a monthly newsletter that can be accessed through a free subscription on the CyberWire’s website. The newsletter provides valuable insights and information to help organizations enhance their cybersecurity posture in the ever-evolving threat landscape.
Overall, the recent discoveries and discussions within the cybersecurity community highlight the ongoing need for robust defenses in industrial control systems. As threats continue to evolve, organizations must prioritize cybersecurity measures to ensure the integrity, availability, and confidentiality of critical infrastructure systems. The collaboration between industry leaders and the guidance provided by organizations like CISA are essential components in this ongoing effort to secure our critical infrastructure.
