Tuesday, August 21, 2012

Security Issue with RuggedCom Network Devices

The operating system (ROS) used in RuggedCom network devices has (according to the ICS-CERT Operations Center) a problem with a private key which may be used by an attacker.

A report states, that “the vulnerability can be used to decrypt SSL traffic between an end user and a RuggedCom network device.”

Access the complete Report from ICS-Cert.

The other day I said:

It is HIGHLY recommended to ALL stakeholders in the energy
industry to keep an close eye on the security issues!!

I hope that more responsible managers will understand that implementing the needed measures is crucial to meeting their mission (not looking to comply with a standard or other specification) – this costs money … but it is a prerequisite for running your business in the future!

Don’t expect that nothing will happen!

Experts, responsible for Substation Automation Systems that use ROS based network devices, should keep an eye on the issue!

No comments: