Vulnerability for Your OT Security….

In CVE-2024-37998, NIST has identified a vulnerability in SICAM SCADA systems that could potentially allow an unauthorized individual to gain administrator rights on the OT systems. The criticality of this vulnerability has been classified as “critical”, due to the possibility of a remote attack, among other things. The corresponding security advisory was published on the Siemens website the day before, outlining the necessary measures to restore OT security. This issue has also been covered by a prominent German news portal.

It is not uncommon for vulnerabilities in OT components to go unnoticed by high-traffic, widely-read IT news portals. The fact that this report has made it may be due to the high criticality and prevalence of the affected OT systems. It is also reasonable to assume that, in the context of the NIS2 Implementation Act, the importance of OT systems for the national economy is being recognized more strongly. This would be a positive development. After all, critical systems are at great risk, are increasingly under attack, and need to be better protected .

It is certainly NOT due to the limited number of OT vulnerabilities. Our OT vulnerability management system, which includes StationGuard and GridOps, has approximately 10 000 vulnerability reports on currently 25 manufacturers of OT systems.

GridOps, Vulnerability Management

This alarming figure is on the rise. Vulnerability Management in Practice (omicroncybersecurity.com)

Reported Vulnerabilities OT Vendors

Number of reported vulnerabilities

(OMICRON / GridOps)

…. and Countermeasures with 
OT Intrusion Detection Systems

Vulnerability advisories from manufacturers also contain the necessary countermeasures to eliminate the risk, including software updates. It is imperative that these recommendations be followed without delay.

To do this, it is of course necessary to be aware of this vulnerability (1). Then you need to know which software version is being used on your OT systems (2). And then you also need to install the firmware update (3).

While (1) and (2) can be automated using suitable OT tools, patch management (3) presents a particularly challenging aspect of real OT operations

The patching of OT systems is typically associated with a short-term (if all goes well) or sometimes extended (if not) loss of availability of the affected components. This necessitates long-term planning, as the component remains vulnerable until this occurs. Consequently, alternative measures are essential to mitigate the risk in the interim.

OT intrusion detection systems (IDS) help here. These systems are designed to continuously monitor the network traffic of substations, power plants, and control centers, identifying irregularities and potential threats. Specialized OT IDS eliminate the need for lengthy training periods, enabling rapid detection of anomalies as soon as they are activated

The German government has also recognized the significance of IDS and has made it a mandatory requirement in §31 of the German NIS2 Implementation Act.  The EU Commission's NIS2 Implementing Regulation (draft) also outlines the necessity for regular evaluation of data from security tools such as IDS.

Resources

CVE-2024-37998
26. July 2024

Critical Vulnerability in Siemens OT Systems

NIST has identified a vulnerability in SICAM SCADA systems that could allow an unauthorized individual to gain administrator rights on the OT systems.

Read this story
Advisories and How to Use Them
12. July 2024

Advisories and How to Use Them

We look at the diverse world of security advisories and how to use them, and the wealth of experience of our experts in developing our OMICRON advisories.

Read this story
Marcel Ströhle, Podcast Episode, OMICRON
03. July 2024

Minimizing cybersecurity vulnerabilities at the hardware level

Why do hardware devices, in addition to software, need to be secured against cyber threats. OMICRON hardware developer Marcel Ströhle is the guest.

Read this story
Firewalls under Attack, Holger Skaus
21. June 2024

Firewalls Under Attack - How to Protect Your IT/OT Systems

Firewalls are the first line of defense in protecting critical infrastructures in cyberspace. This makes them particularly attractive to attackers.

Read this story
StationGuard 2.40, OMICRON
22. May 2024

StationGuard 2.40 – New Usability Upgrades

The new version brings along many usability upgrades, incl. MMS server availability, improved router behavior, and more …

Read this story
EnergyTalks, Podcast Episode, Part 7
21. May 2024

Cracking the Code: How to Uncover Cyber Attacks on Your System

Learn how the OMICRON cybersecurity experts analyze incoming alarms and reveal hidden dangers that threaten the safety and operations of an entire system.

Read this story
Vulnerability Management, Andreas Klien
14. May 2024

Vulnerability Management in Practice

Gath­er­ ad­vi­sories, up­date your GridOps vul­ner­a­bil­ity data­base, tend to your as­set in­ven­tory, vul­ner­a­bil­ity match­ing, and risk as­sess­ment.

Read this story
NIST - 2024
24. April 2024

NIST Cybersecurity Framework 2.0 at a Glance

On February 26, 2024 the National Institute of Standards and Technology (NIST) published the second version of the Cybersecurity Framework (CSF 2.0).

Read this story
Cybersecurity Regulations
09. April 2024

State of the Art in Vulnerability Management

With the German IT Security Act, energy utility operators are required to adhere to the "state of the art" to manage cyber risks effectively.

Read this story
OMI­CRON Con­tributes to Nmap Plug-In
26. March 2024

OMI­CRON Con­tributes to Nmap Plug-In

We collaborated with the BSI and the Fraunhofer Institute to develop an nmap plug-in for OT networks, enhancing tools for power grid administrators.

Read this story
EnergyTalks, Podcast Episode, Ron Brash, Andreas Klien
13. February 2024

Chances & Risks of Operational Technology in the Energy and Aviation Sectors

Andreas Klien discusses the differences and similarities of using OT technology in the aviation and electrical power industry sectors with his guest, Ron Brash.

Read this story
Sarah Fluchs, Andreas Klien, Podcast Episode
11. January 2024

Building trust in digital products used in the power grid

In this podcast episode, Andreas Klien, discusses the security engineering of digital products used in the power grid with his guest, Sarah Fluchs.

Read this story
OMICRON EnergyTalks - Podcast episode
10. January 2024

Experiences & Innovations in Developing Cybersecurity Products

In this podcast episode, Anastasiya and Jaques share their experiences, challenges, and innovations in developing our cybersecurity products.

Read this story
StationGuard Receives Security Certificate from the BSI
17. December 2023

StationGuard Receives Security Certificate from the BSI

The German Federal Office for Information Security (BSI) has tested our StationGuard and awarded us the IT security certificate (BSZ) as a result.

Read this story
CVE-2023-45871 - Finding and Patching a Critical Vulnerability in Linux, Eric Heindl
04. December 2023

At­ten­tion CVE-2023-45871 - Our Story of Finding and Patching a Critical Vulnerability in Linux

You think your devices are immune to cyber threats just because there's no official security advisory? You might be wrong.

Read this story
EnergyTalks, Podcast Episode
06. November 2023

Solving Cybersecurity Problems in Electrical Power Networks

OMICRON cybersecurity analysts Christoph Rheinberger and Eric Heindl share their personal experiences for IT and OT security officers.

Read this story
OMICRON Podcast Episode with Thomas Wolf and Ozan Dayanc
04. October 2023

Why do OT networks need an IDS?

Discover the challenges faced by power providers and practical recommendations for enhancing OT network security.

Read this story
StationGuard Release 2.40
02. October 2023

StationGuard 2.30 – Improved Efficiency for Intrusion Detection

With StationGuard 2.30, you can imrove your workflows. The intrusion detection system (IDS) enables you to monitor Ethernet networks in the power grid.

Read this story
Podcast Episode 2, OMICRON
07. September 2023

Digital Transformation in the Power Industry

In this podcast episode, learn how to successfully implement cybersecurity into critical power system infrastructures with OMICRON cybersecurity experts.

Read this story
Podcast, Andreas Klien, OMICRON
07. September 2023

Vulnerability Management in Substations

Learn how vulnerability management tools ensure a more effective cybersecurity in power grids.

Read this story
Podcast Episode 1, OMICRON
01. September 2023

Bridging the gap between IT and OT

OMICRON cybersecurity expert Benjamin Teudeloff talks about the increasing necessity for power providers to improve their cybersecurity practices.

Read this story
OMICRON Magazine: Security Assessment Findings
29. August 2023

Security Assessment Findings in Substations and Power Plants

Our cybersecurity expert, Ozan Dayanc, reveals insights from global substation security assessments.

Read this story
Video: STW-Kempen
29. August 2023

Cybersecurity from the Control Center to the Substation

Cybersecurity from the Control Center to the Substation - Stadtwerke Kempen is Building a New Substation with OMICRON

Read this story
StationGuard Feature: Search In ZeroLine
18. August 2023

Feature Preview: Device Search in ZeroLine

StationGuard has a a new search feature that makes it easy to find all equipment information in your network.

Read this story
StationGuard Feature: Automatic Device Classification
18. August 2023

Feature Preview: Automatic Device Classification

StationGuard 2.30 will include a new feature that makes it easier than ever to assess and secure your OT network.

Read this story
Holger Skurk, OMICRON

Holger Skurk

Product Manager Cybersecurity | KRITIS OT, OMICRON electronics GmbH