Yesterday the DHS ICS-CERT published an advisory for a vulnerability in a Siemens system and a tip about best practices for continuity of operations.
This advisory describes an open redirect vulnerability in the Siemens SIMATIC S7-1200 CPU family. The vulnerability was reported to Siemens by Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training. Siemens has provided an update that mitigates this vulnerability, but there is no indication that the researchers have verified the efficacy of the fix.
ICS-CERT reports that a moderately skilled attacker could remotely exploit this vulnerability to redirect users to a malicious web site. The exploit would require a social engineering attack.
BTW: Still no mention of the Siemens NTP vulnerability.
This document provides a rather extensive list of things to ensure the survivability of a network from a malicious intrusion. This looks to be more targeted at IT and network systems than specifically directed at control system security.
I did not see anything new or earth shattering, nor is anything described in the detail necessary for someone that doesn’t already understand this stuff to implement. This may, however, provide a basic check list for managers to use to question their cybersecurity folks on the status of their security processes.