Today’s LiveWire Spotlight evaluates four cyber security vulnerability summaries recently posted by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). They explain how hackers can exploit poorly written software that does not validate the input given to it by a user, that uses hard-coded passwords, that does not catch exceptions to a routine, or allows users to specify a memory buffer’s location without checking.
The success of a cyber-attack is proportional to the vulnerability of a network’s softest targets. Components without the latest security patches, allow Internet access, or hard-code passwords continue to be the top issues. Look for FERC to push for more CIP requirements in these areas.