Rockwell Automation advised clients to disconnect all industrial control systems (ICSs) not designed for online exposure from the Internet since there has been an ongoing spike of cybercriminal activity worldwide.
The advisory emphasised that admins should never configure such devices to accept remote connections from systems outside the local network, since various exploits could compromise an entire system. By taking them offline, admins can significantly reduce their organisation’s attack surface.
Moreover, this measure ensures that threat actors no longer have direct access to systems that have not yet been patched against security vulnerabilities, preventing attackers from obtaining access to their targets’ internal networks.
The geopolitical tensions and heightened cybercriminal activities globally are why Rockwell Automation suggested such action.
Rockwell Automation issued the notice to urge its customers to take immediate action to assess whether they have devices facing the public Internet. The company explained that, as a proactive step, removing that connectivity reduces threat actors’ ability to attack and can immediately reduce exposure to unauthorised and malicious cyber activity.
Additionally, Rockwell advised its customers to take the necessary precautions to secure their equipment against security vulnerabilities affecting Rockwell ICS products. Separately, CISA issued an alert addressing Rockwell Automation’s new guidance for reducing the vulnerability of industrial control systems to cyberattacks.
A couple of years ago, the NSA and CISA issued a joint advisory on protecting operational technology devices and industrial control systems from attacks. They also previously issued recommendations on preventing harmful attacks on OT control systems and protecting Internet-exposed OT assets.
These advisories are built on several initiatives headed by the current US administration, including a July 2021 national security memorandum directing CISA and NIST to develop cybersecurity performance goals and guidance for critical infrastructure operators to help strengthen US critical infrastructure security.
Earlier this month, US federal agencies, including the NSA, FBI, and CISA, together with cybersecurity agencies from Canada and the United Kingdom, warned about pro-Russian hacktivists disrupting vital infrastructure operations by breaking into insecure operational technology (OT) systems.
Rockwell Automation clients should consider following these advisories for the safety of their infrastructure. Admins should start taking ICS devices that do not need to be online off the Internet to avoid being targeted by threat actors looking to take advantage of the current conflicts in various parts of the globe.