Today’s LiveWire Spotlight evaluates several of the most recent cyber security vulnerability summaries posted by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The topics range from the unsafe use of wildcards in a key configuration files; to weak random number generators that allow hackers to predict TCP ports and sequence allocation numbers; and to the use of breakable encryption schemes in a SCADA system.
The number and sophistication level of cyber-attacks conducted through the supply chain are growing exponentially. Thus, BES Cyber System owners/operators should regularly monitor security advisory sites like ICS-CERT’s and act on any relevant recommendation.