The impact of the Log4j vulnerability on OT networks

2021-12-16 07:15

the Industrial Internet equipment in our OT networks is connected out to these at-risk cloud services.

Worse, once sophisticated ransomware groups or other attackers have a foothold in industrial vendors' web services, those threat actors can be very difficult to detect or dislodge, even after the Log4j vulnerability is long since history.

The big risk is that these attackers will remain embedded in the cloud services to which OT networks are connected.

The big issue with relying on "Detect, respond and recover" is that human lives, damaged equipment, and lost production cannot be "Restored from backups." Yes, OT networks need incident response capabilities, but those capabilities only somewhat reduce the consequences of compromise - preventing compromise is and must be the top priority for OT networks.

A more important goal is to ask all industrial cloud providers if their cloud services have ever been vulnerable to this Log4j vulnerability.

No matter how these questions resolve for today's Log4j vulnerability, industrial enterprises who have not already done so should really look at deploying hardware-based, unhackable protections for OT systems, especially for those OT systems that are connected to the Internet.

News URL

https://www.helpnetsecurity.com/2021/12/16/log4j-vulnerability-ot-networks/

#log4j #vulnerability