The US Department of Homeland Security is warning businesses to tighten security protection on their industrial control devices following the discovery of a high-risk security vulnerability in the Ruggedcom ROS industrial networking platform.
In an alert from the Industrial Control System Cyber Emergency Response Team (ICS-CERT), authorities warned that the flaw could be used by an attacker to eavesdrop on SSL traffic.
According to the ICS-CERT report, an error in the handling of network keys could potentially allow an attacker to compromise secure connections by identifying the device's RSA encryption key.
The agency warns that, following a successful compromise, an attacker could intercept traffic being sent between an end user and ROS devices.
Credit for discovering the vulnerability was given to Cylance researcher Justin W Clarke. The researcher presented the flaw along with a proof of concept outlining how such an attack could take place.
In order to mitigate the flaw, ICS-CERT is advising administrators to limit the exposure of any network-connected industrial control systems.
In addition to removing all control systems from direct internet connectivity, the agency is advising best practices, including the implementation of firewall protections and the use of VPN connections when accessing control devices.
The security and accessibility of industrial control appliances and devices have become a hot topic as fears grow over domestic and international terrorist attacks and industrial sabotage operations. Devices such as PLC controllers have been found to contain critical flaws which could lead to attacks on public utilities.
Industrial device flaws were also leveraged by government agents to carry out the high-profile Stuxnet and Duqu malware attacks.