Cybersecurity researchers identified a troubling vulnerability in Schneider Electric Modicon PLCs that could be used to bypass normal authentication safeguards and wreak havoc on one of the most common PLC device brands in IoT.
A cybercriminal who finds a vulnerable PLC and takes control of it could launch a ransomware attack, steal sensitive data, shut down HVAC systems, deactivate lights, disable emergency backup systems and more.
A cursory search on the Shodan search engine, the Google of internet-connected devices, turned up 92 examples globally and 12 in the U.S. of vulnerable, internet-connected Schneider Electric Modicon PLCs.
And that was just one vulnerable PLC model.
Schneider says a total of six PLC models have the vulnerability, and a patch isn't expected until Q4 2021. In less than 30 minutes, a search on Shodan revealed a vulnerable Schneider Electric PLC connected to the internet at an organization in Pittsburgh that has assets worth millions of dollars. This is just one example.
"Bad actors are looking for low-hanging fruit like this when a security advisory comes out because they know that some companies either aren't aware of the vulnerability or won't move quickly enough to eliminate risks."
Scott Christensen, GrayMatter Cybersecurity Practice Director
Industrial organizations that follow best practices in cybersecurity — such as ensuring no PLCs are connected to the internet — are in a much better position to deal with unpatched threats like this one.
No organization is perfect, and many might not know their level of exposure to this type of risk. That's where third parties like GrayMatter can help by conducting comprehensive cybersecurity assessments of an organization's IoT assets.
Here's a short list of questions to ask yourself and your colleagues to determine if an assessment would help. Hint: the answer to each one should be "No." If the answer to any of these is "Yes" or "I don't know," it's time to seek out a third-party cybersecurity assessment to get answers and build in additional protections.
GrayMatter's comprehensive OT cybersecurity assessment helps you confidently answer these questions, and many others.