OT/ICS Cybersecurity – OT:ICEFALL, Addressing Vulnerabilities in Insecure-by-Design Components

Building on findings from AA22-103A, INCONTROLLER, and PIPEDREAM from April, Forescout’s Vedere Labs released a report today detailing vulnerabilities caused by insecure-by-design practices in OT, in what they are calling “OT:ICEFALL.” Members are strongly encouraged to review the details of this report for impacted vendors and apply a risk-based approach to assessing these components and addressing the vulnerabilities across your ICS/SCADA environment.