Following the news that Threatpost is among media outlets reporting a major vulnerability in Schneider Electric’s industrial controller management software that would allow hackers to remotely execute code on industrial networks. IT security experts from Rubicon Labs, Tripwire, commented below.
Rod Schultz, VP of Product at Rubicon Labs:
“Remote code execution is one of many vulnerabilities for a digital system that has been connected to a network. While they are sophisticated attacks, once discovered they are incredibly easy to reproduce, and an example of a type of attack that will be seen in IoT. Security is becoming more important and unfortunately, it is getting harder to do. Managed services for security and protection Managed services for security and protection must be created to simplify these problems for device manufacturers and service providers. must be created to simplify these problems for device manufacturers and service providers. The world will not stop connecting devices to a network, and attackers are getting more and more motivated to attack this expanding target.”
Tim Erlin, Sr. Director, Product Management at Tripwire:
“The bad news is that this vulnerability is serious. The good news is that there are several steps control systems operators can take to address it, including a patch available from the vendor.
Control systems and their components should never be accessible directly from the Internet.
While that may seem obvious to many people that control systems shouldn’t be directly accessible from the Internet, it’s also a fact that many of these systems are.
In cases where a system can’t be patched or otherwise protected, Schneider customers should be diligently monitoring for any hint of exploit activity.”
Mike Ahmadi, Global Director – Critical Systems Security at Synopsys:
“Security issues in control systems are widespread and continue to grow in numbers as researchers focus on uncovering them. What impresses me most about this story is that Schneider was able to quickly respond to the issues and create an update that addresses the discovered security vulnerabilities. This is a sign of a mature organisation with a solid cybersecurity incident management plan. As someone who has worked with Schneider in the past I know they expend considerable effort in internal cybersecurity vulnerability testing, as well as incident response.”