Early this morning there was an interesting
response posted to a LinkedIn discussion group about my earlier blog post
on the Raven X EV-DO ICS-CERT Advisory. Michael Thibodeaux commented:
“I love the Raven X EV-DO advisory
the best as it is a OEM issue and there is no good way to get a list of the
companies that implement this device in their product. A good thesis for an
undergraduate would be on this theme. To gather the who and what uses this
device take lots of research and time that Undergraduates are willing to put to
work for such a theme.”
This is an ongoing issue for a large number of the
vulnerabilities that are reported in the ICS arena. It is bad enough when there
is a patch or firmware upgrade to apply to fix the problem, but when the
mitigation strategy selected by the equipment vendor is hardware replacement
(especially when there is inadequate communication of that recommendation as in
this case) it becomes much less likely that the fix will take place.
Since the problem here involves a wireless communications
device it is particularly vexing that better solutions are not forth coming. These
devices are, almost by definition, outside of the physical security protections
of an installation. This could allow the access to the ‘isolated’ control system
network that too many other vendor’s security vulnerabilities are relying upon
for protection.
Posts
No comments:
Post a Comment