Yesterday the DHS ICS-CERT published a control system
security alert for the WannaCry ransomware. This alert is a follow-up to the US-CERT alert on the
same attack vector. The alert provides links to three vendor sites providing
information about indicators of attacks on their Microsoft Windows® based
control system products. Those vendors (and their WannaCry links) are:
• Rockwell
Automation (log on required);
• Becton
Dickenson and Company (BD); and
Both the Schneider and BD advisories emphasize that while medical
and industrial control systems have been affected this is a Microsoft Windows
based ransomware attack. They both recommend ensuring that Microsoft patch for
the MS17-010 SMB vulnerability be applied to all Windows based machines (including
Windows XP and Windows 8). Interesting that neither vendor alerts nor the
ICS-CERT alert discusses the Microsoft suggestion
to turn of the SMB file sharing tool.
ICS-CERT expects to update this alert with additional vendor
information when it becomes available.
Posts
No comments:
Post a Comment