Vulnerabilities in industrial cellular routers’ cloud management platforms

Issue 2/3 2023 Industrial (Industry), Information Security, Security Services & Risk Management, IoT & Automation

OTORIO, a provider of operational technology (OT) cyber and digital risk management solutions, announced that three significant industrial cellular router vendors have vulnerabilities in their cloud management platforms that expose customers’ operational networks to external attack. This raises questions about the safety of connecting OT to the cloud and suggests a need for standard industry regulations to eliminate such security risks.

An industrial cellular router allows multiple devices to connect to the internet from a cellular network. It is commonly used in industrial settings, such as manufacturing plants or oil rigs, where traditional wired internet connections may not be available or reliable. Vendors of these devices employ cloud platforms to provide customers with remote management, scalability, analytics and security.

However, OTORIO’s research found 11 vulnerabilities in the cloud platforms studied, allowing remote code execution and full control over hundreds of thousands of devices and OT networks – in some cases, even those not actively configured to use the cloud.

OTORIO Security Researcher, Roni Gavrilov, shared key findings and remediation tips at Black Hat Asia 2023 (a white paper on the topic is available here).

“As the deployment of IIoT devices becomes more popular, it's important to be aware that their cloud management platforms may be targeted by threat actors,” said Gavrilov. “A single IIoT vendor platform being exploited could act as a pivot point for attackers, accessing thousands of environments at once.”

OTORIO discovered a wide range of attack vectors based on the security level of the vendor's cloud platform, including several vulnerabilities in M2M (machine-to-machine) protocols and weak asset registration mechanisms. In some cases, these security gaps enable attackers to:

• Gain root access through a reverse-shell.

• Compromise devices in the production network, facilitating unauthorised access and control with root privileges.

• Compromise devices, exfiltrate sensitive information, and perform operations such as shutdown.

Some attacks require identifiers like Media Access Control (MAC) address, serial number or International Mobile Equipment Identity (IMEI) to breach cloud-connected devices, but others do not. One serious issue affecting all three vendors is that their platforms expose devices that have not been configured to use the cloud. Furthermore, breaches of these devices may bypass all the security layers in the Purdue Enterprise Reference Architecture Model for several different vendors.

Find out more at www.otorio.com




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Boost revenue streams for MNOS
News & Events Security Services & Risk Management Financial (Industry)
ReveNet has introduced its new solution, designed to safeguard and potentially boost revenue streams in an increasingly challenging landscape for MNOS. The new platform combines advanced analytics and is built on trust, transparency, and sustainability principles.

Read more...
Vodacom Business unveils new cybersecurity report
Information Security IoT & Automation
Cybersecurity as an Imperative for Growth offers insights into the state of cybersecurity in South Africa, the importance of security frameworks in digital resilience and the latest attack methods adopted by cyberattackers.

Read more...
Smart surveillance and cyber resilience
Axis Communications SA Surveillance Information Security Government and Parastatal (Industry) Facilities & Building Management
South Africa’s critical infrastructure sector has to step up its game regarding cybersecurity and the evolving risk landscape. The sector has become a prime target for cybercriminals on top of physical threat actors, and the consequences of an incident can be far-reaching.

Read more...
NIS2 compliance amplifies skills shortages and resource strain
Information Security Security Services & Risk Management
A new Censuswide survey, commissioned by Veeam Software reveals the significant impact on businesses as they adapt to this key cybersecurity directive, with 95% of EMEA businesses siphoning other budgets to try and meet compliance deadline.

Read more...
SA company develops world-first safe K9 training for drug detection
Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...
Autonomous healing systems are the future
Infrastructure Information Security AI & Data Analytics
Autonomous healing software, an emerging technology, is gaining traction for its potential to transform how organisations manage software maintenance, security, and system performance.

Read more...
Understanding South Africa’s Cybercrimes Act
Information Security Security Services & Risk Management
The Cybercrimes Act No.19 of 2020 is a comprehensive legislative response to the evolving landscape of cyberthreats in South Africa. Its effectiveness, however, relies on enforcement, which relies on implementation, international cooperation, and collaboration between the public and private sectors.

Read more...
AI-powered automation for an operational efficiency edge
Editor's Choice AI & Data Analytics IoT & Automation
In the fast-moving world of digital transformation, businesses are under immense pressure to accelerate their operations and adapt quickly to stay competitive in an era dominated by AI and technological advancements.

Read more...
Partnership addresses fire hazard mitigation
Brigit Fire (a Division of Hudaco Trading) Elvey Security Technologies Fire & Safety Security Services & Risk Management
Brigit Fire has partnered with the Elvey Group. The collaboration will see Brigit Fire distributing both the advanced C-TEC addressable fire detection systems (CAST Technology) and GreenMist lithium extinguishers.

Read more...
Fire protection for a solvent extraction plant in Africa
FS Systems Fire & Safety Security Services & Risk Management Mining (Industry)
A prominent mining site operates a state-of-the-art solvent extraction (SX) plant, integral to separating and purifying metals from ores, which pose significant fire risks, as SX processes involve highly flammable organic solvents and elevated operating temperatures.

Read more...