ICS Ethernet Switches Littered with Flaws

Infosecurity Magazine | March 11, 2019

Security researchers discovered multiple vulnerabilities in Moxa industrial switches, according to Positive Technologies and Moxa. Moxa published a security advisory stating that it had issued resolutions for the vulnerabilities in the EDS-405A, EDS-408A, EDS-510A, and IKS-G6824A series Ethernet switches, which are used to build industrial networks across several sectors including oil and gas, transportation, and maritime logistics.

“A vulnerable switch can mean the compromise of the entire industrial network. If ICS components are parts of the body, you can think of network equipment as the arteries that connect them all. So disruption of network interactions could degrade or even stop ICS operations entirely,” said Paolo Emiliani, industry and SCADA research analyst at Positive Technologies, in a press release.

Three of the vulnerabilities were identified as highly dangerous, according to the press release. Security experts Ivan Boyko, Vyacheslav Moskvin and Sergey Fedonin said, “The flaws could allow an attacker to recover passwords from a cookie intercepted over the network or by using XSS, extract sensitive information, or brute force credentials using the proprietary configuration protocol to obtain control over the switch and possibly the entire industrial network.”

Spotlight

At the 2016 RSA Conference, CSO's Steve Ragan chats with Joseph Opacki from PhishLabs about how cyber-criminals are becoming increasingly smarter about targeting specific high-end business users to try and steal data or money.


Related News

DATA SECURITY

Nozomi Networks Raises the Bar on Delivering Prioritized Actionable Intelligence for OT/IoT Networks to Accelerate Responses to Security Threats

Nozomi Networks | October 27, 2021

Nozomi Networks Inc., the leader in OT and IoT security, today announced new updates in Vantage™, the first cloud-based OT/IoT network security solution that equips security professionals and industrial operators with actionable, AI-driven insights to manage risk and speed precise remediation. The new enhancements help eliminate “alert fatigue” by narrowing down the hundreds of notifications security teams have to parse to determine the severity of vulnerabilities.

“With attacks on OT and IoT infrastructure occurring daily, we know that organizations are overwhelmed with prioritizing risk reduction efforts, responding to alerts, and accelerating the detection of malware. The latest release of Vantage is designed to not only detect threats in critical infrastructure but also help prioritize and guide remediation steps quickly and efficiently. Only Vantage can provide these capabilities at the scale of the largest OT and IoT networks in the world.” Andrea Carcano, Co-Founder and Chief Product Officer at Nozomi Networks

According to Ponemon Research, 52% of organizations say they are at a disadvantage in responding to vulnerabilities because they use a manual process and 72% say difficulty in prioritizing vulnerabilities contributes to patch delays. ESG Research finds 34% of cyber security professionals reported their biggest vulnerability management challenge is prioritizing which vulnerabilities to remediate.

“Nozomi Networks has a proven reputation for continuous innovation and these latest updates only add to it,” said Frost & Sullivan Industry Analyst Danielle VanZandt. “With the explosive growth of IoT devices in industrial environments, now more than ever, security professionals need faster paths to actionable intelligence and tools that support the best possible response. Nozomi Networks has stepped up with a solution that fills the gap.”

In this latest upgrade, Nozomi Networks continues to expand vulnerability management automation and intelligence with new prioritization metrics for vulnerability assessments. New Vantage features include:

Prioritized Vulnerability Management

With the new vulnerability dashboard, operators can quickly visualize all the OT and IoT vulnerabilities in the network, prioritize which vulnerabilities pose the greatest risk, and assess the level of effort to address the issues network-wide. Vantage provides:

- Actionable insights on remediation steps, patches, and upgrades.
- Built-in analytics scores that highlight which corrections will have the biggest impact on risk reduction, as well as identify which may be more labor-intensive.

In addition to the Vantage vulnerability management process, Vantage leverages an AI-driven threat detection engine that analyzes endpoint and network configurations, traffic flows, and network packet contents to provide the deepest and most sophisticated insights for OT networks in the industry.

Customized Playbooks for Precise Response

In addition to customizing alerts for specific threats and vulnerabilities, now security professionals have the option to supplement these notifications with custom playbooks designed to guide response plans for each alert. These playbooks:

- Precisely guide remediation steps for specific threats, simplifying and accelerating operational response.
- Can be customized to specify workflows for each alert and to address individual customer environments and workflows.
- Can be shared between organizations.

Streamlined Operations

With Vantage, security professionals can quickly manage multiple hundreds or thousands of sites with limited resources. The SaaS-based solution is easy to deploy and runs in the cloud, providing near zero-cost setup and ongoing maintenance. Automated analysis and playbooks simplify remediation steps and costs to enable smaller teams to have more visibility across more devices and more sites. Vantage also makes it feasible to share security data with partners, vendors, and other applications from the centralized cloud repository without opening the network up to external users.

About Vantage

Vantage was designed to meet the rapidly evolving requirements of IoT-enabled infrastructures. The cloud-based OT and IoT network visibility and security solution delivers unmatched security and visibility with the unlimited scalability of SaaS. Vantage makes it possible to grow without limitations to consolidating data aggregation, analysis, and operations. With Vantage you can protect any number of OT, IoT, IT, edge, and cloud assets, located anywhere, with a single platform.

About Nozomi Networks

Nozomi Networks accelerates digital transformation by protecting the world’s critical infrastructure, industrial and government organizations from cyber threats. Our solution delivers exceptional network and asset visibility, threat detection, and insights for OT and IoT environments.


Cybersecurity expert talks online safety as people work from home, kids learn online

katv | August 24, 2020

As people continue to work from home and Arkansas students take classes virtually this year, online security is more important than ever.

Chris Moss is the information security officer at Arkansas Tech University. He said one of the most important things people need to do right now is watch out for what devices are connecting to their home WiFi or hot spots, and make sure these devices are secure.

"All your data is going to flow across that wire, so if it's unsecured, anyone can see that wire," Moss said. "It's just not the little guy sitting in the basement, you know, in the dark typing on the computer."


To seamlessly incorporate digital security into the product manufacturing process, PTC and Cybellum partner

prnewswire | January 14, 2021

PTC and Cybellum, an innovator in Automotive Cybersecurity Risk Assessment, today announced a partnership to deliver an integration between PTC's Windchill RV&S and Cybellum's platform. The joint solution will provide automated cybersecurity checking for software developed using Windchill RV&S, to ensure compliance with all the required safety and security standards.

PTC's Windchill RV&S combines requirements engineering, rigorous software configuration control and test management to ensure manufacturers build the right products. The software source code and built executables are managed within Windchill RV&S, and during check-in, Cybellum's complete platform seamlessly conducts cybersecurity assessments.

Joint customers can now define software security considerations early in the product life cycle, side by side with their whole product engineering process. They can then plan their implementation, and calculate and manage the associated cybersecurity risks in the context of the whole product. Software engineers can also proactively test and fix the identified security or safety risks using the automatically generated, detailed guidance. This can ensure that critical safety and security vulnerabilities are identified, managed, prioritized and mitigated throughout the engineering process, ensuring that your products are safe and secure.

The joint solution also helps customers prepare for and comply with existing and upcoming cybersecurity regulations, such as ISO 26262 Road Vehicles Functional Safety, UN WP29 (World Forum for Harmonization of Vehicle Regulations), and ISO 21434 DIS Road Vehicles Cybersecurity Engineering.
"We are excited about the partnership with PTC, helping product development teams shift left by embedding cybersecurity risk assessment processes and prevent vulnerabilities early in the delivery process of software-intensive products," said Michael Engestler, co-founder and CTO of Cybellum. "Through the unique integration with PTC Windchill RV&S we empower manufacturers to control, trace and mitigate safety and security issues early on, ultimately delivering safe and secure products."

"We see this integration as a significant enhancement for PTC customers who are particularly concerned about the cybersecurity of the software they manage with Windchill RV&S," said Hedley Apperly, VP SSE Products, PTC. He continued, "This automated security scanning and remediation mentoring will be invaluable to any manufacturer building software intensive products, which are vulnerable to cyber-attack."

About Cybellum

Cybellum empowers automotive OEMs and suppliers to identify and remediate security risks at scale, throughout the entire vehicle life cycle. Our agentless solution scans embedded software components without needing access to their source code, exposing all cyber vulnerabilities. Manufacturers can then take immediate actions to eliminate any cyber risk in the development and production process, before any harm is done, while continuously monitoring for emerging threats impacting vehicles on the road.

About PTC

PTC enables global manufacturers to realize double-digit impact with software solutions that enable them to accelerate product and services innovation, improve operational efficiency, and increase workforce productivity. In combination with an extensive partner network, PTC provides customers flexibility in how its technology can be deployed and drive digital transformation – on premises, in the cloud, or via its pure SaaS platform. At PTC, we don't just imagine a better world, we enable it.
