NERC Lessons Learned from 2019 Grid attack: Know your exploitable vulnerabilities so you can pursue fixes
- Sep 11, 2019 3:38 pm GMT
One of the key features of the Software Assurance Guardian™ (SAG™) method for verifying software object integrity and authenticity is a thorough “background check” of a software object before any software is installed. Part of this background check is a search for known software vulnerabilities and for compromises that can affect a software vendor’s integrity, i.e. stolen signing keys. The firewall software that was installed, and that enabled this Grid disruption, was known to contain the very vulnerability that was exploited, which means that, had the Company employed the SAG method, they would have been warned of this vulnerability before the software could have been installed, preventing this disruption from occurring in the first place. NERC’s recommendations within the findings report for this event make it clear that Companies should search for known vulnerabilities of a software object and prevent vulnerable software from being exploited. This is precisely the type of attack that SAG is designed to prevent, as a result of its thorough background check methodology and SAGScore™, which quantifies the level of risk (trustworthiness) associated with a software object before it ever gets installed.
Never trust software, always verify and report!™