If so, how to avoid risk happen. Schneider Electric T300 design weakness (30th Jun 2020)

Preface: Dedicated to the specific industry, so called operation technology.

Details: Schneider Electric announce to public that their Easergy T300 has design weakness. When you go through the document (see below url). It official inform that you have to trust your source and make use of your firewall or VPN enforcing the protection. Perhaps you might ask, why don’t vendor issue a firmware upgrade. Yes, my idea is that this is one of the different in between information technology and operation technology. The standpoint of my idea do not written here because the post here only for short message. In short, the official recommendation should taken. Additional, in order to avoid the malware infection. It is better to enhance the DNS lookup function. As of today, Clean DNS service not expensive and easy to implement. The admin only modify workstation and server DNS IP address. My comment is that this is a cost effective solution to avoid malware infection because it increase the difficult to Mr. Malware contact with their C&C server.

https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2020-161-04_Easergy_T300_Security_Notification.pdf&p_Doc_Ref=SEVD-2020-161-04

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.