To be honest, this came as a surprise to me this month. An abnormal situation puts SCADA systems at high risk. CVE-2018-5440 is a vulnerability in the CODESYS web server. This product is deployed mainly in the critical manufacturing and energy sectors. Perhaps because this is a Microsoft product, it is hard to avoid vulnerabilities occurring. The accusation over the NotPetya ransomware attack last week drew the world's attention to SCADA systems. Meanwhile, this vulnerability adds an unknown factor to the SCADA control system environment. The official announcement suggests doing the following:
1. Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside
2. Use firewalls to protect and separate the control system network from other networks
3. Use VPN (Virtual Private Networks) tunnels if remote access is required
4. Protect both development and control systems from unauthorized access (e.g., by means of the operating system)
5. Protect both development and control system by using up-to-date virus detecting solutions
For CVE details, please refer to the URL below.
https://www.securityfocus.com/bid/102909
Have you noticed the news has changed its approach recently? What used to never be brought up or discussed has changed. It’s that time to change our stance on this though.