Israel National Cyber Directorate Warns of Critical Vulnerabilities
CTech – The Israel National Cyber Directorate has issued a severe alert after researchers from Forescout and JFrog Security Research uncovered critical vulnerabilities in manufacturing equipment. The researchers identified 14 vulnerabilities, two of them critical, that could be used to attack equipment used in manufacturing processes. The equipment is mainly common in organizations from the energy and industrial sectors and the vulnerabilities expose them to potential harm.
The vulnerabilities were discovered in a TCP/IP Stack called NicheStack that is included in a large number of operational components, including Siemens controllers and other equipment from reputable companies. The researchers estimate that there are millions of facilities in the world that contain equipment that uses the vulnerable software component. Such facilities control various production processes such as pump operations, temperature control, production line control, and more. Without appropriate preventive measures, organizations and companies, mainly in the energy, industry, production, and retail sectors, are potentially exposed to cyber disruption.
The research team, which consists of Israeli researchers from Forescout and JFrog Security Research, discovered the weaknesses during a study that used advanced analysis capabilities. Two of the vulnerabilities are classified as critical, ten as high risk, and two as medium risk.
“The potential for a relatively easy attack can lead to various disruptions in the production processes and even result in physical damage of environmental pollution, equipment shutdown, etc.,” the Directorate wrote in its warning. “Additionally, attackers can use lateral movement to damage the administrative networks through information leakage, downtime, encryption, and deletion of information.”
The details of the vulnerabilities were shared in advance by the Israeli research team at Forescout with the Israel National Cyber Directorate, as part of an extensive research collaboration that is emerging between the Directorate and Forescout. The vulnerabilities were shared through a responsible disclosure procedure with the relevant manufacturers.
“The Directorate calls upon organizations that use vulnerable equipment that use this software to take immediate preventive action, and on vendors of said products to alert their customers to the risk and provide them with appropriate security updates in a timely manner,” the Directorate added.