Commonly found SCADA / IoT / OT / ICS security issues
Purdue model
https://www.zscaler.com/resources/security-terms-glossary/what-is-purdue-model-ics-security
- Applying traditional corporate IT policies to the SCADA environment
- Default passwords
- No segregation of network/duties
- RTUs and PLCs can be accessed through a web interface
- Obsolete OS, missing patch levels, lack of AV support for fear of system disruption
- No application and OS hardening
- Some common ports are enabled (SSH, SNMP, Telnet), potentially vulnerable to DoS attacks
- Control Room with full access and auto logins
https://uploads-ssl.webflow.com/57b990500c7bdb623821b928/5ab757d71f3370e024d6184c_ProtocolUpdateDataSheet.pdf
Vendors
Hirschmann, Tofino, ProSoft, Claroty, Forescout, Nozomi, Dragos
Technical Specifications
Defending SOGARD: Behind the Scenes at the 2021 SANS ICS Summit CTF