Today the DHS ICS-CERT took the unusual step of issuing a
control system security alert for a ‘vulnerability’
being self-reported by the vendor. ICS-CERT reports that Sierra Wireless has
issued a technical
bulletin [.PDF Download] describing mitigation measures that owners can
take to stop the Mirai
malware from infecting AirLink gateways that are using the default
ACEmanager password and are reachable from the public internet.
ICS-CERT is careful to note “that there is no software or
hardware vulnerability being exploited in the Sierra Wireless devices by the
Mirai malware”. The problem is in configuration management; using the default
password.
It is nice to see that a vendor is taking specific steps to
identify problems in configuration management for their products that allow an
outside agency to take control of those products to become part of a botnet.
And to further share that information with ICS-CERT to help get the word out is
something to be commended. It would sure be nice if all vendors were so
proactive.
Posts
No comments:
Post a Comment