Yesterday the DHS ICS-CERT provided their 6th
update to their WannaCry Alert that was originally
published on May 15th and last
updated on May 22nd. They added links to vendor advisories from:
• Spacelabs Healthcare; and
• Dräger
Both of these vendor advisories make an important note of
a problem that has not generally been mentioned in the WannaCry
debate: control system compatibility with operating system updates. Both
vendors specifically state that they have verified the operation of their
Windows® based products with the March MS update that dealt with the SMB
vulnerability that underlies the WannaCry attack.
I did a more lengthy
post on this issue back in January of 2012 and it is something that all ICS
owners should be aware of. Automatic updating of the OS on the machine upon which
the industrial control system resides is not necessarily a good thing. Add to
that the cases where the ICS is so intertwined with the MS-OS that the vendor
has to issue their own patch (see the Spacelabs discussion about their XTR
96280) to implement the MS fix. This results in an additional delay between the
identification of the problem and the time that the device owner has any chance
of fixing it.
Just one more problem with implementing security on
industrial (and medical, and ….) control systems.