Posted: February 27th, 2023

Tech Brief on Current Alerts

Assignment Objectives:  Choose an Alert closely related to the weekly topic and write a concise summary using the template.

Assignment Directions: 

 Choose a topic closely related to our weekly material and write a concise summary using the organizational template and example
Organizational Template x 

Organizational Template

A. Identify the Vulnerability Type(s)

B. List the Impact

C. Analyze and Outline the Mitigation Plan

D. Source

Example:

A. Vulnerability Type:

Insufficient Verification of Data Authenticity

Active Scanning: Vulnerability Scanning

Spearphishing and Social Engineering Methods

B. Impact:

Remote Code Execution

Directory Traversal

Structured Query Language (SQL) Injection

Web Shell Uploads

C. Mitigation Plan:

1. Network Segmentation: use proper network-protection devices to isolate industrial robots that need to process data coming from other networks, possibly with a physical cable, to make spoofing only possible to an attacker who is physically onsite.

2. Secure Programming: in addition to adopting secure network architectures, system integrators should promote secure programming guidelines among their control-process engineers and programmers, to minimize the attack surface exposed by automation code.

3. Automation Code Management: knowing and keeping track of the automation code produced by a system integrator and running in a factory is a fundamental prerequisite to find, manage, and resolve vulnerabilities and other security issues that may arise.

D. Source: AA20-304A (https://us-cert.cisa.gov/ncas/alerts/aa20-304a)