Organizational Template

A. Identify the Vulnerability Type(s)

B. List the Impact

C. Analyze and Outline the Mitigation Plan

D. Source

Example:

A. Vulnerability Type:

Insufficient Verification of Data Authenticity

Active Scanning: Vulnerability Scanning

Spearphishing and Social Engineering Methods

B. Impact:

Remote Code Execution

Directory Traversal

Structured Query Language (SQL) Injection

Web Shell Uploads

C. Mitigation Plan:

1. Network Segmentation: use proper network-protection devices to isolate industrial robots that need to process data coming from other networks, possibly with a physical cable, so that spoofing is possible only for an attacker who is physically onsite.

2. Secure Programming: in addition to adopting secure network architectures, system integrators should promote secure programming guidelines among their control-process engineers and programmers, to minimize the attack surface exposed by automation code.

3. Automation Code Management: knowing and keeping track of the automation code produced by a system integrator and running in a factory is a fundamental prerequisite for finding, managing, and resolving vulnerabilities and other security issues that may arise.

D. Source: AA20-304A (https://us-cert.cisa.gov/ncas/alerts/aa20-304a)