Critical Vulnerabilities Spotted in Schneider Electric Triconex TriStation and Tricon Communication Module | Cyware Alerts


Several cyberattack attempts have been observed on critical infrastructure by exploiting internet-accessible IT and Operational Technology (OT) networks across the U.S. Recently, ICS-CERT issued an advisory about critical bugs in the Schneider Electric Triconex TriStation and Tricon Communication Module (TCM).

Vulnerable OT Systems

The advisory explains how hackers have become more focused on targeting Industrial Control Systems (ICS) using an IT network to connect to the OT side.

  • The vulnerabilities in Triconex’s Tricon and TriStation systems could be exploited by an attacker to view clear text data on the network, causing a denial-of-service condition, or allow improper access.
  • The bugs are impacting legacy versions of Tricon Communications Module Models 4351, 4352, 4351A/B, and 4352A/B installed in Tricon v10.0 to v10.5.3 systems. 
  • It also affects TriStation 1131, v1.0.0 to v4.9.0, v4.10.0, and 4.12.0, operating on Windows NT, Windows XP or Windows7.

These ICS attacks are capable of shutting down complete operations of power plants, factories, oil and gas refineries, and more.

Some history

The advisory disclosure mentions the need for organizations to protect against sophisticated living-off-the-land tactics such as modifying SIS system controllers, that were previously used during the TRITON attack in the past.

  • The TRITON malware, possibly created by the XENOTIME APT group, was first observed in the wild in March 2017, when it targeted Schneider Electric’s Triconex SIS in the Middle East. 
  • By May 2018, it expanded industrial cyberattacks on other organizations worldwide.
  • After this incident, XENOTIME began to attack electric utility companies in the United States and Asia-Pacific in 2019, and even managed to compromise several ICS vendors, potentially enabling a supply chain attack.

The Bottom Line

Patching and mitigating threats across the civilian and military OT landscape is critically important because of the sensitivity of the environment. Organizations and institutes are advised to perform proper impact analysis and risk assessment before proceeding with the recommended precautionary measures.



Source link

Recent articles

Mobileye, Geely to Offer Most Robust Driver-Assistance Features

Chinese automaker Geely Auto Group unveiled its premium electric vehicle, the Zero Concept from Lynk & Co,...

Japan and S Korea need to repair ties, cooperate on N Korea: PM | Japan

Yoshihide Suga says it is time to mend frayed ties in call with South Korea’s President Moon Jae-in.Japan and South Korea must cooperate...

Metal Gear Solid PS5 Remake in the Works as Console Exclusive

Remember when everyone was frantically trying to guess what remake Bluepoint set to work on after they finished Shadow of the Colossus? The...

How canceled student-loan and mortgage debts could affect your taxes in the COVID-19 era

In this COVID-19 ravaged economy, debts can pile up beyond a borrower’s ability to repay. However, lenders are sometimes willing to forgive (cancel)...

‘Brain-Boosting’ Supplements Are Full of Unapproved, Untested Drugs, Study Finds

Image: Gizmodo/Stem Cell Research via Getty Images (Getty Images)Supplements that supposedly improve brain health and functioning, known as...

Chief Executive of Embattled Alaskan Mine Project Resigns

The chief executive of the partnership developing the Pebble Mine in Alaska resigned on Wednesday over comments made in meetings recorded by an...

Leave a reply

Please enter your comment!
Please enter your name here