Rockwell Automation warned customers to disconnect all industrial control systems not designed for online exposure from the Internet due to increasing malicious activity worldwide.
Network defenders should never configure such devices to allow remote connections from systems outside the local network.
“Due to heightened geopolitical tensions and adversarial cyber activity globally, Rockwell Automation is issuing this notice urging all customers to take IMMEDIATE action to assess whether they have devices facing the public internet and, if so, urgently remove that connectivity for devices not specifically designed for public internet connectivity,” Rockwell said.
Rockwell also cautioned customers to take the mitigation measures required to secure their devices against the following security vulnerabilities impacting Rockwell ICS devices.
Today, CISA also issued an alert regarding Rockwell Automation’s new guidance to reduce ICS device exposure to cyberattacks.
In September 2022, the National Security Agency and CISA published a joint advisory on securing operational technology devices and industrial control systems against attacks.