Industrial Control Systems at risk

Industrial Control Systems at risk
Industrial Control Systems at risk from new Remote Desktop Services vulnerability

Today Microsoft took the unusual step of releasing security updates for Windows XP, Windows 7 as well as Windows Server 2003 and 2008 to address a serious security issue with Remote Desktop Services.  This vulnerability can be executed remotely and with no user interaction.  The advice from Microsoft is:

"If you are on an out-of-support version, the best way to address this vulnerability is to upgrade to the latest version of Windows. Even so, we are making fixes available for these out-of-support versions of Windows"

In 2017, a very similar vulnerability was exploited by the WannaCry worm which infected hundreds of thousands of machines shutting down several hospitals in the UK as well as Telefonica and other high profile companies.

Industrial Control Systems are particularly vulnerable to these threats because they often have remote desktop services enabled, are often running obsolete versions of windows, may not have regular backups taken and are not regularly patched because in a lot of cases they don't have direct internet access.  Some people believe that because a server or PC is not directly connected to the internet, that it is not at risk, however worms like WannaCry are able to quickly jump from machine to machine inside networks, so all it takes is for a user somewhere on the network to be infected and your plant floor systems can be taken down.

If you are concerned about the risk to your business please contact Crossmuller for a no obligation assessment of your control system and automation infrastructure.

You might also like these articles

Chanel Warehouse to ERP Integration
Chanel Warehouse to ERP Integration
3 minute read
Chanel is a privately owned company based in Paris. There are several subsidiaries based across the globe with distribution outlets on all 5 continents.
Why upgrade to ArchestrA System Platform?
Why upgrade to ArchestrA System Platform?
4 minute read
On a recent job Crossmuller was commissioned to create a new InTouch HMI screen along with new tags for some new infrastructure using standalone InTouch 9.5.
MES: It is also about the journey
MES: It is also about the journey
3 minute read
The MES journey should always start with knowledge of what you have, and where you want to go.