Nearly all the products we purchase
are processed by automated systems. If these were to stop working, or workflow
maliciously adjusted, there would be a clear issue immediately as the products
were assembled incorrectly or broken during the “adjusted” process. While this
potential to wreck our way of life if implemented on a large scale, there has
not been a sufficient amount of attention paid to it. Recently, a new
vulnerability was uncovered with the equipment. This vulnerability, which is
critical, is in the real-time automation’s (RTA) 499E5 EtherNet/IP (ENIP)
stack. The stack is widely used and is the standard for factory floor I/O
applications in North American plants. If the attacker is able to exploit this,
the equipment could experience a DoS-type attack, and allow for remote code execution.
This vulnerability, CVE-2020-25159, has the opportunity to not only shut down a
line and part of a plant but also be instructed to do whatever the
unauthorized third party directs it to. Based on the pertinence to society
these automated processed play and the costs associated with these lines not being
productive, more of a focus needs to be applied to this. There is even a tool
available used to scour the internet seeking the robots used in these processes
which are not properly secured. Without cybersecurity, in place, there is the
potential for individual attacks and much worse with a concerted attack.
Please contact us when we may be of
assistance with embedded systems cybersecurity architecture, validation, and
penetration testing. We have a full lab ready to perform.
Charles Parker, II; Principal
Scientist; MBA/MSA/JD/LLM/PhD/DCS (IP)
810-701-5511
No comments:
Post a Comment