May 22, 2024 at 08:42AM
Rockwell Automation urges customers to disconnect industrial control systems not meant for public internet access due to heightened geopolitical tensions and cyber threats. The U.S. Cybersecurity and Infrastructure Security Agency supports this action, warning of malicious actors targeting operational technology assets. Research also highlights the susceptibility of PLCs to web-based attacks.
Key takeaways from the meeting notes:
– Rockwell Automation advises customers to disconnect industrial control systems (ICSs) not meant to be connected to the public-facing internet due to heightened geopolitical tensions and adversarial cyber activity globally.
– Customers are urged to determine and cut off connectivity for devices accessible over the internet, which are not meant to be left exposed, as a proactive step to reduce attack surface and exposure to unauthorized cyber activity.
– Organizations are required to adopt necessary mitigations and patches to secure against known vulnerabilities impacting their products. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is also recommending appropriate measures to reduce exposure in line with guidance jointly released with the National Security Agency (NSA).
– Adversarial cyber activity targeting operational technology (OT) and industrial control systems (ICS) has been observed, including exploiting internet-accessible assets and conducting Stuxnet-style attacks by compromising web-based interfaces within PLCs.
– To secure OT and ICS networks, it’s advised to limit exposure of system information, audit and secure remote access points, restrict access to network and control system application tools and scripts, conduct periodic security reviews, and implement a dynamic network environment.
These are the main points from the meeting notes related to security and vulnerability concerns in the industrial control systems domain.