Matrikon Honeywell is one of three IoT vendors that faced vulnerabilities in their process to implement the open platform communication (OPC) network protocol ahead of a 2020 fix. (Spencer Platt/Getty Images)
At least nine vulnerabilities in the approach three leading IoT vendors used to implement the open platform communication (OPC) network protocol created conditions that could potentially expose product users to denial-of-service (DoS) attacks, remote code execution, and sensitive data leakage.
The three IoT vendors â Softing Industrial Automation GmbH, Kepware PTC, and Matrikon Honeywell â all provided fixes for their respective products after security firm Claroty privately disclosed them during 2020.
OPC functions as the middleman of operational technology (OT) networks, ensuring operability between industrial control systems (ICS) and proprietary devices, such as programmable logic controllers (PLCs) responsible for the correct ope
Combating the Rising Cyber Threat Against ICS
Industrial control systems (ICS) play an essential role in keeping the country moving by managing software and hardware in critical national infrastructure (CNI) sectors, including energy and water, as well as critical manufacturing areas such as pharmaceutical and automotive.
ICS is an umbrella term that covers several different kinds of systems and devices, including supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs), and engineering workstations (EWS). These systems face a continual threat of attack from nation-state actors, corporate espionage, and more well-resourced and ambitious criminals. Not only are they under threat, but the risk is growing.
something that would allow employee access into the actual control systems. the entry did have password protection but that did not stop the hacker or hackers. last year the industrial control system cyber emergency response team worked on more than 250 similar incidents. some of the weakness seems to stem from the fact that many electric grids and utilities were designed long before internet access was common and now trying to integrate the old and new technology leaves gaps. that s putting more pressure than ever on these industries to catch up and to do it quickly. neil? time is wasting. how serious is this? what s being done about it? gentlemen, welcome to both of you. robert, this is scary. left out in this coverage is the fact that we ve had a number of other incidents some involving just getting into the energy sector.