CISA shared the following in an alert sent out today:
Rockwell Automation has released guidance encouraging users to remove connectivity on all Industrial Control Systems (ICS) devices connected to the public-facing internet to reduce exposure to unauthorized or malicious cyber activity.
From Rockwell Automation:
Due to heightened geopolitical tensions and adversarial cyber activity globally, Rockwell Automation is issuing this notice urging all customers to take IMMEDIATE action to assess whether they have devices facing the public internet and, if so, urgently remove that connectivity for devices not specifically designed for public internet connectivity.
If your utility uses the Rockwell automation devices as described it is highly recommended to follow the above guidance. Users and administrators are encouraged review the Rockwell Automation notice for more information.