Flaw In Delta ICS Could Turn Up The Heat At Your Organization - Patch Now
By: Jim Stickley and Tina Davis
August 17, 2019
A serious vulnerability was found recently that could cause some serious trouble for businesses. This bug could allow an attacker to take over the network in a corporate or industrial setting that uses the Delta enterliBUS Manager. Simply put, if someone were to exploit this, they could tell the controller to do pretty much anything they wanted and install themselves a nice backdoor way into the network for whenever they felt like a visit.
Researchers gave a presentation on the exploit at Black Hat USA 2019 in Las Vegas. Their demonstration included taking over the controller and subsequently installing a backdoor on the network.
The manufacturer, Delta Controls has provided a patch for this. If your organization uses this product, apply it right away. This goes for any patch that is released for any software or firmware that is used.
There is good news. The attacker would not only need access to the controller, but also to the system it controls. While not impossible for the determined hacker, it just makes it a little more complicated. Since HVAC, lighting, and alarm systems are often controlled by this device, they could simply poke around until they found it. However, the researchers also found they create a “call and response” type of program to find these systems. Basically, they wrote a program that said “Marco” and the system responded with “Polo.” Then they had everything they needed.
More information on this particular vulnerability can be found by looking up CVE-2019-9569.