This week we have two vendor notifications that were not
covered by ICS-CERT. These were for products from Siemens and ABB.
Siemens Update
Siemens announced
another update to their July advisory about vulnerabilities in their SIPROTEC 4
and SIPROTEC Compact devices. ICS-CERT updated
their advisory for the previous Siemens update, but has not done so for
this one. I suspect this is a holiday delay.
Siemens is providing updated version information and
mitigation measures for their SIPROTEC 7UT686.
ABB Advisory
Joel Langill provided
a link to an ABB security
advisory linked to the TRITON/TRISIS/HATMAN malware. While the TTH attack
did not involve any ABB products, the company notes that “conceptually a
similar attack can be leveraged against any safety system with a sufficiently
similar design concept”. The advisory then goes on to provide a link to a product
specific advisory
(registration required) for the ABB System 800xA High Integrity safety instrumented
system.
Since I am not a registered user I do not have access to the
advice provided by ABB but I suspect that it pretty much reiterates standard
security protocols for the device. That is not a bad thing in view of some the lapses
reported in both the
Dragos and FireEye
reports. In fact, it might be a good idea for all vendors of safety
instrumented systems to review those two reports and provide a security update
for their products that emphasizes the lessons learned in the Saudi attack.
Posts
No comments:
Post a Comment