web analytics

Rockwell Automation Urges Disconnection of ICS from the Internet – Source: www.databreachtoday.com

rockwell-automation-urges-disconnection-of-ics-from-the-internet-–-source:-wwwdatabreachtoday.com
Rate this post

Source: www.databreachtoday.com – Author: 1

Critical Infrastructure Security
,
Governance & Risk Management
,
Operational Technology (OT)

Advisory Says Disconnecting ICS Reduces Exposure to Malicious Cyber Activities

Prajeet Nair (@prajeetspeaks) •
May 22, 2024    

Rockwell Automation Urges Disconnection of ICS from the Internet
Rockwell Automation urged industry to ensure that devices not configured for the internet aren’t exposed to it. (Image: Shutterstock)

Rockwell Automation warned customers to disconnect industrial control systems from the internet, citing escalating cyber threats and rising global geopolitical tensions.

See Also: From Ancient Myths to Modern Threats: Securing the Transition from Legacy to Leading Edge

The advisory calls for immediate action from users to assess and remove internet connectivity for devices not explicitly designed for online exposure. Devices should never be configured for direct public internet access unless they are specifically designed for it, such as certain cloud and edge offerings, it said.

Disconnecting these systems is a proactive measure to reduce the attack surface and exposure to unauthorized and malicious cyber activity from threat actors, the advisory said.

Earlier this month, a joint warning from U.S. and international cyber agencies warned that pro-Russian hacktivists are intensifying attacks on critical operational technology systems across North America and Europe, targeting sectors such as water, wastewater, dams, energy and agriculture.

The joint advisory said that the hacking groups are using unsophisticated techniques to target internet-exposed industrial control systems, causing disruptions and posing physical threats to vulnerable operational technology environments (see: US and Allies Issue Cyber Alert on Threats to OT Systems).

Pro-Russian hackers gain remote access through publicly exposed internet-facing connections and unpatched software. Hackers also exploit default and weak passwords for accounts not protected by multifactor authentication.

The joint alert urges organizations to implement multifactor authentication for all access to the OT network, disconnect programmable logic controllers and HMIs from public-facing internet, and immediately change default and weak passwords.

Recommendations also include integrating cybersecurity best practices into OT system design and development, as well as creating backups of engineering configurations and firmware for faster recoveries.

Jim Routh, chief trust officer at Saviynt, said it is relatively common to have industrial control devices configured with access controls outside of the IT and identity and access management teams.

“In this case, enterprise customers using the Rockwell ICS devices may have been connected to the internet with limited access controls that need hardening and management. Disconnecting these devices from the Internet is the safest alternative in addition to establishing more mature IoT security practices,” said Routh, also an Institute for Critical Infrastructure Technology fellow.

Original Post url: https://www.databreachtoday.com/rockwell-automation-urges-disconnection-ics-from-internet-a-25298

Category & Tags: –

Views: 0

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Joas Antonio
ChatGPT for Cybersecurity by Joas Antonio dos Santos – malwareanalysis #reverseengineering
ChatGPT for Cybersecurity by Joas...
CISO2CISO Notepad Series
How Can We Structure Cybersecurity Teams To Better Integrate Security In Agile At Scale?
How Can We Structure Cybersecurity...
OCCUPYTHEWEB
Linux Basics for Hackers by Occupytheweb
Linux Basics for Hackers by...
NIST
Digital Forensics and Incident Response (DFIR) Framework for Operational Technology (OT) by NIST – Eran Salfati and Michael Pease
Digital Forensics and Incident Response...
Think Big Blog
Top 10 TED Talks to Learn about Cyber Security
Top 10 TED Talks to...
NCSC
NCSC Cyber Security for Small Business “SMEs” Guide.
NCSC Cyber Security for Small...
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...

LASTEST PUBLISHED POSTS

Hacker Combat
How are Passwords Cracked ? by Hacker Combat.
How are Passwords Cracked ?...
N/A
Security Metrics & KPIs for Measuring SOC Success – Measure Up: How SOC Metrics Elevate Your Security Posture.
Security Metrics & KPIs for...
Sectrio
The Global OT & IoT Threat Landscape Assessment and Analysis rEPORT 2024 by Sectrio Threat Research Lab Initiative.
The Global OT & IoT...
ISA SECURE
The Case for ISA/IEC 62443Security Level 2 as a Minimumfor COTS Components
The Case for ISA/IEC 62443Security...
Huntress
2024 Cyber Threat Report
2024 Cyber Threat Report
NACD - Intenet Security Alliance
2023 Director’s Handbook on Cyber-risk Oversight
2023 Director’s Handbook on Cyber-risk...
Devoteam
14 Cybersecurity Trends for 2024
14 Cybersecurity Trends for 2024
IGNITE Technologies
MEMORY FORENSICS VOLATILITY
MEMORY FORENSICS VOLATILITY
CAREER UP
7 Steps to your SOC Analyst Career
7 Steps to your SOC...
National Cyber Security Centrum
Managing Insider Threats
Managing Insider Threats
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...

More Latest Published Posts

Accenture
THE NEXT-GENERATION Building a Digital Central Bankfor a Digital Age
THE NEXT-GENERATION Building a Digital Central Bankfor a Digital Age
Thecyphere
Microsoft EntraID (Azure)ConditionalAccess
Microsoft EntraID (Azure)ConditionalAccess
aws
AWS Security Incident Response Guide
AWS Security Incident Response Guide
Government of South Australian
South Australian Cyber Security Framework
South Australian Cyber Security Framework
NAO -National Audit Office
Audit and Risk Assurance Committee Effectiveness Tool
Audit and Risk Assurance Committee Effectiveness Tool
WWW. D E V S E COP S G U I D E S . CO M
Attacking Docker
Attacking Docker
W W W . D E V S E C O P S G U I D E S . C O M
Attacking AWS – Offensive Security Aproach
Attacking AWS – Offensive Security Aproach
ENISA
Artificial Intelligence and Cybersecurity Research 2023
Artificial Intelligence and Cybersecurity Research 2023
MuleSoft
API Security Best Practices – Protect your APIs with Anypoint Platform
API Security Best Practices – Protect your APIs with Anypoint Platform
Green Circle
All about Security Operations Center
All about Security Operations Center
DAZZ
A Guide to Building a Secure SDLC – Which Scanning Tools Should I look at, and where do they go?
A Guide to Building a Secure SDLC – Which Scanning Tools Should I look at, and where do they go?
zimperium
2023 Mobile Banking Heists Report
2023 Mobile Banking Heists Report
40 under 40
40 under 40 in CyberSecurity 2024
40 under 40 in CyberSecurity 2024
HADESS
40 Days in DeepDark Web About Crypto Scam
40 Days in DeepDark Web About Crypto Scam
Everbridge
8 Principles of Supply Chain Risk Management
8 Principles of Supply Chain Risk Management
CHAOSSEARCH
Threat Hunter’s Handbook – Using Log Analytics to Find and Neutralize Hidden Threats in Your Environment
Threat Hunter’s Handbook – Using Log Analytics to Find and Neutralize Hidden Threats in Your Environment
ENDGAME
The Hunters Handbook Endgame’s Guide to Adversary Hunting
The Hunters Handbook Endgame’s Guide to Adversary Hunting
THE EU’S MOST THREATENING by EUROPOL
THE EU’S MOST THREATENING by EUROPOL
National Cyber Security Centre
Responding to a cyber incident – a guide for CEOs
Responding to a cyber incident – a guide for CEOs
IGNITE Technologies
CREDENTIAL DUMPING
CREDENTIAL DUMPING
HADESS
Pwning the Domain Lateral Movement
Pwning the Domain Lateral Movement
Jorgen Lanesskog
PING Basic IP Network Troubleshooting
PING Basic IP Network Troubleshooting
TELESOFT
Layer 7 Visibility What are the Benefits?
Layer 7 Visibility What are the Benefits?
TIGERA
Introduction to Kubernetes Networking and Security
Introduction to Kubernetes Networking and Security
Department of Defense's (DoD)
Defense Industrial Base Cybersecurity Strategy 2024
Defense Industrial Base Cybersecurity Strategy 2024
Dummies
Zero Trust Access for Dummies Fortinet
Zero Trust Access for Dummies Fortinet
Homeland Security
Zero Trust Implementation Strategy
Zero Trust Implementation Strategy
National Australia Bank Limited
Your Business and Cyber Security
Your Business and Cyber Security