Rockwell Automation Urges Disconnecting ICS Devices from Public Internet to Counter Cyber Threats

Amidst heightened geopolitical tensions and a global rise in cyberattacks, Rockwell Automation is urging customers to immediately disconnect all Industrial Control Systems (ICS) devices from the public internet.

This proactive step aims to minimize the potential for unauthorized access and mitigate the risk of malicious cyber activity targeting these critical systems.

“Due to heightened geopolitical tensions and adversarial cyber activity globally, Rockwell Automation is issuing this notice urging all customers to take IMMEDIATE action to assess whether they have devices facing the public internet and, if so, urgently remove that connectivity for devices not specifically designed for public internet connectivity,” reads part of the advisory SD1672.

CISA Alert

The Cybersecurity & Infrastructure Security Agency (CISA) has echoed Rockwell Automation’s warning, issuing an advisory alert to the general public.

The advisory highlights the heightened risk of cyberattacks on critical infrastructure and industrial control systems, emphasizing the importance of taking immediate action to protect vulnerable devices.

Rockwell Automation emphasizes that devices not explicitly designed for public internet connectivity, such as certain industrial control systems, should never be directly connected to the internet. By removing this connectivity, users can significantly reduce their exposure to unauthorized and malicious cyber activity.

“Consistent with Rockwell Automation’s guidance for all devices not specifically designed for public internet connectivity (for example, cloud and edge offerings), users should never configure their assets to be directly connected to the public-facing internet.”

“Removing that connectivity as a proactive step reduces attack surface and can immediately reduce exposure to unauthorized and malicious cyber activity from external threat actors.”

Read the entire notice HERE.

The company’s guidance aligns with industry best practices for cybersecurity, which advocate for a defense-in-depth approach to protect critical infrastructure.

This approach involves implementing multiple layers of security controls, including network segmentation, access controls, and intrusion detection systems.

Cyber threats are constantly evolving, growing more sophisticated every day.

Proactive measures are crucial.

Cyber threats are constantly evolving and growing in complexity. Proactive measures are crucial. Rockwell Automation’s recommendations are key to safeguarding critical systems.

These steps help protect against potential disruptions. By acting quickly to disconnect vulnerable devices, users strengthen their defenses. This reduces the risk of falling victim to cyberattacks.