Avoiding Dangerous Malware Infections

by | May 22, 2017 | Control & Safety Systems, Cybersecurity, Industry, Power Generation, Water & Wastewater

Jim Cahill

Jim Cahill

Chief Blogger, Social Marketing Leader

The malware WannaCry/WannaCrypt has been all over the news recently. Since most of the operator and engineering workstations used in distributed control systems (DCSs) and supervisory control and data acquisition systems (SCADA) are PC-based, the question was naturally could these have been/or be impacted by this dangerous malware.

Emerson's Jaime Foose


I caught up with Emerson’s Jaime Foose. She noted that it is important to point out that personal computer users can easily avoid these types of attacks by following some very basic principles. Top of the list is to not rely on unsupported operating systems which are no longer maintained by the supplier. Next is to always keep your PC updated with the latest patches. And, from a user interaction perspective, never click on unknown links or attachments.

Specific to PCs used in control and data acquisition systems, never enable email on these PCs. From an architectural standpoint, do not expose the control system to the corporate local area network and internet, and always block/monitor vulnerable Windows traffic on the network. Also, the control networks and PCs should be hardened to not allow USB sticks and wired or wireless access to the PCs and networks.

By following these practices, systems would have been protected from WannaCry/WannaCrypt and other dangerous malware to date. Jaime also explained that many organizations are stretched very thin with their technical staffs, and lack the time and resources make it extremely difficult to keep pace with the dynamic, complex and serious nature of cybersecurity.

Emerson Power and Water Cybersecurity SuiteSuppliers can help by providing ongoing cybersecurity services to help process manufacturers. For the power generation, water & wastewater industries, the Power and Water Cybersecurity Suite is a platform-independent ICS cybersecurity solution that provides additional layers of protection for control system users with staffing challenges.

Modules in this suite include antivirus detection, application control, configuration management, device control, network intrusion detection, software/firmware patch management, rogue system detection, security incident & event management, system backup & recovery and vulnerability assessments. A Cybersecurity Suite Dashboard helps bring visibility to these elements.

You can connect and interact with other cybersecurity, power, water & wastewater experts in the Process Control – Ovation, Power and Water & Wastewater groups in the Emerson Exchange 365 community.

Popular Posts

Comments

Follow Us

We invite you to follow us on Facebook, LinkedIn, Twitter and YouTube to stay up to date on the latest news, events and innovations that will help you face and solve your toughest challenges.

Do you want to reuse or translate content?

Just post a link to the entry and send us a quick note so we can share your work. Thank you very much.

Our Global Community

Emerson Exchange 365

The opinions expressed here are the personal opinions of the authors. Content published here is not read or approved by Emerson before it is posted and does not necessarily represent the views and opinions of Emerson.

PHP Code Snippets Powered By : XYZScripts.com