You are here

Home » Cybersecurity

Cybersecurity

Addressing the Disappearing Air-Gap – O' Asset Inventory, Asset Inventory, Wherefore Art Thou Asset Inventory?

As the air-gap becomes a thing of the past (many say it is already gone), how should industrial organizations, including utilities and other critical infrastructure facilities, maintain control and security of OT environments? While there are several fundamental cybersecurity controls that protect our networks, one program must be tackled before all others can be duly implemented – asset inventory. If it seems cybersecurity advice keeps harping on the need to perform an accurate, comprehensive, and current asset inventory, there is good reason – you cannot protect what you do not know.

Exim Releases Security Patches

Exim has released patches to address a vulnerability affecting Exim versions 4.87–4.91. A remote attacker could exploit this vulnerability to take control of an affected email server. This vulnerability was detected in exploits in the wild. The NCCIC encourages users and administrators to review the Exim CVE-2019-10149 page and either upgrade to Exim 4.92 or apply the necessary patches.

WAGO Industrial Managed Switches 852-303, 852-1305, and 852-1505 (ICSA-19-164-02)

The NCCIC has published an advisory on use of hard-coded credentials, use of hard-coded cryptographic key, and using components with known vulnerabilities in WAGO Industrial Managed Switches 852-303, 852-1305, and 852-1505. Multiple products and multiple versions of these products are affected. Successful exploitation of these vulnerabilities could allow a compromise of the managed switch, resulting in disruption of communication, and root access to the operating system. WAGO recommends users update their managed switch to the latest firmware.

Johnson Controls exacqVision Enterprise System Manager (ICSA-19-164-01)

The NCCIC has published an advisory on an improper authorization vulnerability in Johnson Controls exacqVision Enterprise System Manager. Versions 5.12.2 and prior are affected. Successful exploitation of this vulnerability could allow malicious code execution. Johnson Controls recommends upgrading to the latest product, version 19.03. The NCCIC also advises of a series of mitigating measures for these vulnerabilities. Read the advisory at NCCIC/ICS-CERT.

Siemens LOGO!8 Devices (ICSA-19-162-03)

The NCCIC has published an advisory on improper restriction of operations within the bounds of a memory buffer and session fixation vulnerabilities in Siemens LOGO!8 devices. Multiple versions of these devices are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to escalate privileges and view data transmitted between the device and the user. For some devices, Siemens recommends upgrading to a new version. For others, Siemens has identified specific workarounds and mitigations to reduce the risk.

Siemens SIMATIC Ident MV420 and MV440 Families (ICSA-19-162-02)

The NCCIC has published an advisory on improper privilege management and cleartext transmission of sensitive information vulnerabilities in Siemens SIMATIC Ident MV420 and MV440 Families. All versions of both products are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to escalate privileges and view data transmitted between the device and the user. Siemens has identified specific workarounds and mitigations to reduce the risk. The NCCIC also advised on a series of mitigating measures for the vulnerabilities.

Siemens Siveillance VMS (ICSA-19-162-01)

The NCCIC has published an advisory on improper authorization, incorrect user management, and missing authorization vulnerabilities in Siemens Siveillance VMS. Multiple products and versions of the products are affected. Successful exploitation of these vulnerabilities could allow an attacker with network access to Port 80/TCP to change device properties, user roles, and user-defined event properties. Siemens has released updates to address the vulnerabilities. The NCCIC also advised on a series of mitigating measures for the vulnerabilities.

Report - SANS 2019 State of OT/ICS Cybersecurity Survey

Looking for justification to increase funding and support for OT/ICS cybersecurity initiatives? Challenged by decision makers to prove the need for additional resources? Wonder other questions like:

How does your company’s/utility’s perception of ICS risk compare to that of other organizations?

How are other asset owners defining the boundaries between OT systems and external systems?

How do your ICS security roadblocks compare to others?

15 Steps to Keep Foes from Hacking and Hurting Our Water Infrastructure

WaterISAC is pleased to share that Homeland Security Today featured an article on our newly released 15 Cybersecurity Fundamentals for Water and Wastewater Utilities. The article includes the list and bite-size description of each fundamental for a quick overview. From performing asset inventories to participating in information sharing communities, such as WaterISAC, each section of the guide provides standard practices and supporting resources to help organizations secure OT and IT systems.

Pages

Subscribe to Cybersecurity