The updated advisory includes a modified set of recommendations for mitigating this vulnerability. DHS ICS-CERT recommends:
• Update MDM Version 2.1 to Version 2.3.Once again, as usual, ICS-CERT reminds administrators “that proper impact analysis and risk assessment should be performed prior to taking defensive measures”.
• Ensure network protection for the MDM Tool, Gateway, and Agents to protect communications between these systems.
• Encourage asset owners to minimize network exposure for all control system devices. Critical devices should not directly face the Internet. Control system networks and remote devices should be located behind firewalls, and be separate from the business network. If remote access is required, secure methods such as Virtual Private Networks (VPNs) should be utilized.
No comments:
Post a Comment