CISA Urges Critical Infrastructure to Patch Urgent ICS Vulnerabilities
CISA’s advisory provides mitigations for vulnerabilities in ICS products used in critical infrastructure industries like energy, manufacturing and transportation
ICS security covers industrial control systems running physical processes and relying on reliable networks, where failures may affect safety and availability.
Search across headline titles and summaries.
Background for this topic.
Industrial control systems (ICS) are the computers, networks, programmable controllers, sensors, and actuators that monitor and operate physical processes. They include supervisory control and data acquisition (SCADA), distributed control systems, and plant-floor automation in sectors such as manufacturing, energy, transport, and water. Their critical assets are the control logic and process data, while their dependencies include engineering workstations, operator consoles, industrial protocols, communications links, and sometimes connections to enterprise or remote-access systems.
ICS security must protect availability, process integrity, and safety as well as confidentiality. Unauthorized changes to controller logic, compromised remote access, vulnerable engineering software, or disruption of communications can produce unsafe conditions or halt operations, though impact depends on the process and its safeguards. Defenses commonly include accurate asset inventories, network segmentation, tightly controlled and monitored remote access, secure configuration, tested backups of control logic, and vulnerability management that accounts for maintenance windows and the risks of disrupting real-time systems. Incident response may require isolating affected equipment while preserving safe operation or manual fallback.
CISA’s advisory provides mitigations for vulnerabilities in ICS products used in critical infrastructure industries like energy, manufacturing and transportation
As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers
Ivanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited in the wild that can let remote attackers execute arbitrary commands on targeted gateways. [...]