Supplemental Cyber Highlights – July 13, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

ICS/OT – Vulnerabilities, Threats & Risks

Due to the challenges and complexities in “patching now” in ICS/OT environments, ICS cybersecurity experts are extremely judicious with that recommendation. The Rockwell Automation ControlLogix vulnerability is one of the rare instances where experts are urging asset owners/operators to “patch now.” As such, please review the following resources to evaluate and address accordingly if you have this component in your ICS/SCADA environment:

• Dragos Enables Defense Against APT Exploits for Rockwell Automation ControlLogix (Dragos)
• Finding Rockwell Automation Allen-Bradley Communication Modules Affected by CVE-2023-3595 and CVE-2023-3596 in OT Environments (Tenable)
• Severe Rockwell Automation ControlLogix Vulnerabilities Patched; Users Must Update (Claroty)

Other ICS/OT Vulnerabilities

• Crit.IX: 9 vulnerabilities discovered in Honeywell’s Experion® Platforms for Distributed Control Systems (DCS) (Armis)
• Nozomi Networks Discovers Three Vulnerabilities Affecting BlueMark DroneScout ds230 Remote ID Receiver (Nozomi Networks)
• The 5 Riskiest Connected Devices in 2023: IT, IoT, OT, IoMT (Forescout)

ICS/OT Preparedness & Resilience

• The Basics Behind Building an Asset Inventory in OT Environments (SynSaber)
• How Are OT Hackers Getting IN Today? (Waterfall Security)
• Ultimate Guide to OT Remote Access in Cyber Security (Claroty)
• Operational Technology (OT) Network IDS is Dead. Long Live the AirGap! (Industrial Cyber)

Network Device Vulnerabilities

• SonicWall warns admins to patch critical auth bypass bugs immediately (Bleeping Computer)
• Juniper Networks Patches High-Severity Vulnerabilities in Junos OS (SecurityWeek)

Ransomware

• Ransomware gangs have extorted $449 million this year: Chainalysis (The Record)

Reports and General Awareness

• FACT SHEET: Biden-⁠Harris Administration Publishes the National Cybersecurity Strategy Implementation Plan (White House)
• Scam Page Volumes Surge 304% Annually (Infosecurity Magazine)
• The Spies Who Loved You: Infected USB Drives to Steal Secrets (Mandiant)
• How to secure your business before going on vacation (Malwarebytes)