Kaspersky Lab experts have helped to identify and patch seven previously unknown vulnerabilities in the ThingsPro Suite – an industrial IoT platform, designed for industrial control systems (ICS) data acquisition and remote analysis. Some of the vulnerabilities found could potentially allow threat actors to gain highly privileged access to industrial IoT gateways and execute deadly commands. All vulnerabilities identified were reported to and patched by platform developer Moxa.

 

ThingsPro Suite is an industrial internet of things platform that automatically gathers data from Operational Technology (OT) devices running at the industrial facility and submits it to an IoT cloud for further analysis. However, as much as such platforms are useful to ease Industrial IoT (IIoT) integration and maintenance, they can also be dangerous, unless they are developed and integrated with adequate security concerns in mind. As such solutions work as a connecting point between IT and OT security domains, vulnerabilities found in them can potentially allow attackers to gain access to an industrial network.

 

Within two weeks, Kaspersky Lab ICS CERT security researchers have been conducting a preconceptual study of the product, testing it for vulnerabilities that could be exploited remotely. As a result, seven zero-day vulnerabilities were found. One of the most severe could allow a remote attacker to execute any command on the target IIoT gateway. Another vulnerability made it possible for cybercriminals to gain root privileges, providing the ability to change the device’s configuration. Moreover, its exploitation could be automated, meaning that cybercriminals could automatically compromise multiple Moxa ThingsPro IoT gateways in different enterprises and to even potentially gain access to industrial networks of the organizations.

 

“Moxa is a trusted and respected brand in the industrial systems world. However, despite the company’s vast expertise and experience, its new product had a number of vulnerabilities, which shows that it is important even for industry leaders to conduct proper cybersecurity tests. We call on all ICS-product developers to act responsibly, performing regular vulnerability checks, treating the security of solutions for industrial systems as an integral and essential part of development,” said Alexander Nochvay, Security Researcher at Kaspersky Lab.

 

“The industrial control systems of organizations in the Philippines are definitely expanding as we speak, particularly in the areas of utilities,  telecommunications, and manufacturing. We highly advise ICS officers to be proactive in ensuring that the stability of these critical infrastructure is protected in the face of frequent and severe cyber attacks,” said Yeo Siang Tiong, General Manager at Kaspersky Lab Southeast Asia.

 

To keep industrial control systems safe, we advise that companies:

 

  • Restrict access of IIoT gateway devices to components of the enterprise’s OT and IT networks to the extent possible;

 

  • Restrict access to IIoT gateway devices from the enterprise network and the internet to the extent possible;

 

  • Set up monitoring of remote access to the enterprise’s OT network, as well as monitoring of access to individual ICS components (workstations, servers, and other equipment) inside the OT network;

 

  • Use solutions designed to analyze network traffic, detect and prevent network attacks – at the boundary of the enterprise network and at the boundary of the OT network;

 

  • Use dedicated solutions to monitor and perform deep analysis of network traffic on the OT network and detect attacks on industrial equipment;

 

  • Ensure the security of hosts on the enterprise’s IT and OT networks using solutions that provide protection from malware and cyberattacks.

 

  • Provide cyber-hygiene training to employees, partners and suppliers who have access to the enterprise’s OT network.

 

  • To assist companies in choosing OT security solutions, world’s leading research and advisory company Gartner has released its Competitive Landscape: Operational Technology Security report (Authored by: Ruggero Contu, Published on: 29 October 2018). Kaspersky Lab was cited for its solutions under the following categories: OT endpoint security, OT network monitoring and visibility, anomaly detection, incident response, and reporting, and OT Security Service. To see the full complimentary copy of report, please visit the Gartner website.

 

 

Read a complimentary copy of the full version of the report on the Kaspersky Lab ICS CERT website.

 


RECOMMENDED ARTICLE FOR TECHWORLD


 
Meralco Announces 34-Centavo per kWh Rate Drop for January
Techworld Date Posted: 23 January 2019 11:39 AM | 58 Views
The country’s largest electricity distribution utility has just announced that the overall electricity rates for the first month of the year are now down to P9.84 per kilowatt-hour (kWh), which is lower by P0.34.... See More
 
Meralco Announces 34-Centavo per kWh Rate Drop for January
Techworld Date Posted: 11:39 AM | 58 Views
The country’s largest electricity distribution utility has just announced that the overall electricity rates for the first month of the year are now down to P9.84 per kilowatt-hour (kWh), which is lower by P0.34...See More

 
Threat Actors Go to New Depths to Carry Out Devastating Attacks — Kaspersky Lab’s Predictions for 2019
Techworld Date Posted: 28 November 2018 1:14 PM | 81 Views
The year ahead will see the APT world split into two groups — energetic and inexperienced newcomers who want to play the game and the traditional, well-resourced and most advanced actors.. See More
 
Threat Actors Go to New Depths to Carry Out Devastating Attacks — Kaspersky Lab’s Predictions for 2019
Techworld Date Posted: 1:14 PM | 81 Views
The year ahead will see the APT world split into two groups — energetic and inexperienced newcomers who want to play the game and the traditional, well-resourced and most advanced actors.See More

 
Romantic Phishing Is on the Rise – How Not to Lose Your Money while Losing Your Heart
Techworld Date Posted: 18 February 2019 11:24 AM | 60 Views
Kaspersky Lab experts have detected a sharp increase in phishing activities from criminals offering users various romantic goods on the eve of Valentine’s Day. The total number of user attempts to visit fraudulent websites.... See More
 
Romantic Phishing Is on the Rise – How Not to Lose Your Money while Losing Your Heart
Techworld Date Posted: 11:24 AM | 60 Views
Kaspersky Lab experts have detected a sharp increase in phishing activities from criminals offering users various romantic goods on the eve of Valentine’s Day. The total number of user attempts to visit fraudulent websites...See More

 
PLDT, Smart Kick Off ‘Road to Nationals’ Open eSports Tournament
Techworld Date Posted: 7 August 2018 4:39 PM | 152 Views
  Leading telco and digital services provider, PLDT Inc. and its wireless arm Smart Communications, Inc. have kicked off the Road to Nationals, a nationwide multi-game grassroots tournament in search of the best eSports.... See More
 
PLDT, Smart Kick Off ‘Road to Nationals’ Open eSports Tournament
Techworld Date Posted: 4:39 PM | 152 Views
  Leading telco and digital services provider, PLDT Inc. and its wireless arm Smart Communications, Inc. have kicked off the Road to Nationals, a nationwide multi-game grassroots tournament in search of the best eSports...See More

 
Power Mac Center’s Official Statement on the iPhone Battery Servicing
Techworld Date Posted: 22 January 2018 2:45 PM | 211 Views
In light of Apple’s official communication regarding the chemical aging issue of batteries on older iPhone units, Power Mac Center,. See More
 
Power Mac Center’s Official Statement on the iPhone Battery Servicing
Techworld Date Posted: 2:45 PM | 211 Views
In light of Apple’s official communication regarding the chemical aging issue of batteries on older iPhone units, Power Mac Center,See More

 
PLDT and Smart Ring in Christmas with ‘Holideals,’ Their Biggest Holiday Sale Yet
Techworld Date Posted: 16 November 2018 3:27 PM | 174 Views
Brace yourself as leading digital services provider PLDT Inc. and its mobile arm Smart Communications, Inc. are ushering in the Christmas season with the first ever ‘Holideals,’ their biggest holiday blow-out yet. See More
 
PLDT and Smart Ring in Christmas with ‘Holideals,’ Their Biggest Holiday Sale Yet
Techworld Date Posted: 3:27 PM | 174 Views
Brace yourself as leading digital services provider PLDT Inc. and its mobile arm Smart Communications, Inc. are ushering in the Christmas season with the first ever ‘Holideals,’ their biggest holiday blow-out yetSee More

 
Transcend Releases Fast, Stylish StoreJet 600 for Mac
Techworld Date Posted: 27 September 2017 4:59 PM | 219 Views
Transcend Information Inc., a leading manufacturer of storage and multimedia products, is proud to announce the release of the StoreJet 600 for Mac. Housed in a stunning metallic casing, this light and durable StoreJet.... See More
 
Transcend Releases Fast, Stylish StoreJet 600 for Mac
Techworld Date Posted: 4:59 PM | 219 Views
Transcend Information Inc., a leading manufacturer of storage and multimedia products, is proud to announce the release of the StoreJet 600 for Mac. Housed in a stunning metallic casing, this light and durable StoreJet...See More

 
New Kaspersky CyberTrace Streamlines Threat Intelligence Flows for Better Initial Response to Cyberthreats
Techworld Date Posted: 21 February 2019 2:00 PM | 61 Views
With the number of available threat intelligence sources continuing to grow, a third of Chief Information Security Officers (CISOs) feel under pressure as they cannot consume cybercrime intelligence easily or effectively. . See More
 
New Kaspersky CyberTrace Streamlines Threat Intelligence Flows for Better Initial Response to Cyberthreats
Techworld Date Posted: 2:00 PM | 61 Views
With the number of available threat intelligence sources continuing to grow, a third of Chief Information Security Officers (CISOs) feel under pressure as they cannot consume cybercrime intelligence easily or effectively. See More

 
Roaming Mantis Extends DNS Hijacking Attacks from Asia to Rest of World, Adds Crypto-Mining
Techworld Date Posted: 18 May 2018 2:23 PM | 250 Views
On 16 April, Kaspersky Lab researchers reported on a new Android malware distributed through a domain name system (DNS) hijacking technique and targeting mainly smartphones in Asia. Four weeks on, the threat continues to.... See More
 
Roaming Mantis Extends DNS Hijacking Attacks from Asia to Rest of World, Adds Crypto-Mining
Techworld Date Posted: 2:23 PM | 250 Views
On 16 April, Kaspersky Lab researchers reported on a new Android malware distributed through a domain name system (DNS) hijacking technique and targeting mainly smartphones in Asia. Four weeks on, the threat continues to...See More

 
Remote Access Nightmare: New Backdoors Increase More Than 40% in 2018
Techworld Date Posted: 11 December 2018 4:24 PM | 111 Views
Out of all the new malicious files detected in 2018, the amount that turned out to be backdoors rose by 44%, while the volume of ransomware increased by 43%.. See More
 
Remote Access Nightmare: New Backdoors Increase More Than 40% in 2018
Techworld Date Posted: 4:24 PM | 111 Views
Out of all the new malicious files detected in 2018, the amount that turned out to be backdoors rose by 44%, while the volume of ransomware increased by 43%.See More


Power by

Download Free AZ | Free Wordpress Themes