This afternoon the folks at DHS
ICS-CERT published an updated
version of the RuggedCom alert that they published
earlier this week. They added the following paragraph to the ‘mitigation’
section of the alert;
“ICS-CERT is coordinating with
RuggedCom who has indicated that they intend to release a patch that removes
the backdoor access to address this reported vulnerability. They plan to
release this patch within the next month. In addition, RuggedCom has released a
notification regarding this issue that can be accessed at http://www.ruggedcom.com/productbulletin/ros-security-page/.”
Less than a week to get this response from is fairly
impressive, even if they
have had the vulnerability information for just about a year now. Sometimes
you just have to get someone’s attention.
Actually I would assume that they had been doing at least
some work on the patch done since they were notified of the vulnerability. I
would guess that it was a low priority project since it wasn’t going to be
making the company any money. As long as the researchers wasn’t going public
there wouldn’t be any real need to get the patch developed in a timely manner.
There is another potential explanation. The alert notes that
RuggedCom was acquired by Siemens ‘earlier this year’. Given Siemens problems
with vulnerabilities in their control systems it might seem that a company that
was looking to be bought by Siemens might have a reason to ensure that a
recently identified vulnerability didn’t make the news. It might even be a good
idea to insure that the team doing a due-diligence inspection didn’t find out
about the problems.
We won’t ever know which of the two possibilities (or maybe
some other that I haven’t thought of) was really responsible for the delay in
getting the development under way. In the long run, I guess it doesn’t really
matter; a vulnerability has been identified and is being patched. Hopefully the
bad guys won’t use it in the meantime.
Fortunately, the only people slower to exploit cybersecurity
vulnerabilities than Congress are the terrorists. Hopefully it remains that
way.
Posts
No comments:
Post a Comment