Kaspersky Lab experts have helped to identify and patch seven previously unknown vulnerabilities in the ThingsPro Suite – an industrial IoT platform, designed for industrial control systems (ICS) data acquisition and remote analysis. Some of the vulnerabilities found could potentially allow threat actors to gain highly privileged access to industrial IoT gateways and execute deadly commands. All vulnerabilities identified were reported to and patched by platform developer Moxa.

 

ThingsPro Suite is an industrial internet of things platform that automatically gathers data from Operational Technology (OT) devices running at the industrial facility and submits it to an IoT cloud for further analysis. However, as much as such platforms are useful to ease Industrial IoT (IIoT) integration and maintenance, they can also be dangerous, unless they are developed and integrated with adequate security concerns in mind. As such solutions work as a connecting point between IT and OT security domains, vulnerabilities found in them can potentially allow attackers to gain access to an industrial network.

 

Within two weeks, Kaspersky Lab ICS CERT security researchers have been conducting a preconceptual study of the product, testing it for vulnerabilities that could be exploited remotely. As a result, seven zero-day vulnerabilities were found. One of the most severe could allow a remote attacker to execute any command on the target IIoT gateway. Another vulnerability made it possible for cybercriminals to gain root privileges, providing the ability to change the device’s configuration. Moreover, its exploitation could be automated, meaning that cybercriminals could automatically compromise multiple Moxa ThingsPro IoT gateways in different enterprises and to even potentially gain access to industrial networks of the organizations.

 

“Moxa is a trusted and respected brand in the industrial systems world. However, despite the company’s vast expertise and experience, its new product had a number of vulnerabilities, which shows that it is important even for industry leaders to conduct proper cybersecurity tests. We call on all ICS-product developers to act responsibly, performing regular vulnerability checks, treating the security of solutions for industrial systems as an integral and essential part of development,” said Alexander Nochvay, Security Researcher at Kaspersky Lab.

 

“The industrial control systems of organizations in the Philippines are definitely expanding as we speak, particularly in the areas of utilities,  telecommunications, and manufacturing. We highly advise ICS officers to be proactive in ensuring that the stability of these critical infrastructure is protected in the face of frequent and severe cyber attacks,” said Yeo Siang Tiong, General Manager at Kaspersky Lab Southeast Asia.

 

To keep industrial control systems safe, we advise that companies:

 

  • Restrict access of IIoT gateway devices to components of the enterprise’s OT and IT networks to the extent possible;

 

  • Restrict access to IIoT gateway devices from the enterprise network and the internet to the extent possible;

 

  • Set up monitoring of remote access to the enterprise’s OT network, as well as monitoring of access to individual ICS components (workstations, servers, and other equipment) inside the OT network;

 

  • Use solutions designed to analyze network traffic, detect and prevent network attacks – at the boundary of the enterprise network and at the boundary of the OT network;

 

  • Use dedicated solutions to monitor and perform deep analysis of network traffic on the OT network and detect attacks on industrial equipment;

 

  • Ensure the security of hosts on the enterprise’s IT and OT networks using solutions that provide protection from malware and cyberattacks.

 

  • Provide cyber-hygiene training to employees, partners and suppliers who have access to the enterprise’s OT network.

 

  • To assist companies in choosing OT security solutions, world’s leading research and advisory company Gartner has released its Competitive Landscape: Operational Technology Security report (Authored by: Ruggero Contu, Published on: 29 October 2018). Kaspersky Lab was cited for its solutions under the following categories: OT endpoint security, OT network monitoring and visibility, anomaly detection, incident response, and reporting, and OT Security Service. To see the full complimentary copy of report, please visit the Gartner website.

 

 

Read a complimentary copy of the full version of the report on the Kaspersky Lab ICS CERT website.

 


RECOMMENDED ARTICLE FOR TECHWORLD


 
TajMahal: Rare Spying Platform with 80 Malicious Modules, Unique Functionality and No Known Links to Current Threat Actors
Techworld Date Posted: 27 April 2019 9:46 AM | 189 Views
Kaspersky Lab researchers have uncovered a technically sophisticated cyberespionage framework that has been active since at least 2013 and appears to be unconnected to any known threat actors. The framework, which researchers have named.... See More
 
TajMahal: Rare Spying Platform with 80 Malicious Modules, Unique Functionality and No Known Links to Current Threat Actors
Techworld Date Posted: 9:46 AM | 189 Views
Kaspersky Lab researchers have uncovered a technically sophisticated cyberespionage framework that has been active since at least 2013 and appears to be unconnected to any known threat actors. The framework, which researchers have named...See More

 
Artificial Intelligence and Machine Learning Are Changing the Way We Do Business
Techworld Date Posted: 28 November 2017 10:29 AM | 555 Views
Today, every organisation needs to reimagine its business model. Customers expect business to meet them anywhere, any time, on any device. To meet this speed of response, businesses need to be ahead of the.... See More
 
Artificial Intelligence and Machine Learning Are Changing the Way We Do Business
Techworld Date Posted: 10:29 AM | 555 Views
Today, every organisation needs to reimagine its business model. Customers expect business to meet them anywhere, any time, on any device. To meet this speed of response, businesses need to be ahead of the...See More

 
Moto E4 Plus Empowers Gamers to Level Up
Techworld Date Posted: 3 October 2017 8:52 AM | 579 Views
Gaming, mobile or otherwise, continues to be a huge part of today's digital experience. Not just millennials but even Gen Xers as well are very much engaged in the digital gaming world, mostly through.... See More
 
Moto E4 Plus Empowers Gamers to Level Up
Techworld Date Posted: 8:52 AM | 579 Views
Gaming, mobile or otherwise, continues to be a huge part of today's digital experience. Not just millennials but even Gen Xers as well are very much engaged in the digital gaming world, mostly through...See More

 
MSI Gaming joins the biggest gaming event in the philippines, E-SPORTS and gaming summit 2017
Techworld Date Posted: 24 October 2017 10:21 AM | 817 Views
Pasay City, Philippines – Micro-star International or MSI, the world’s best-selling gaming laptop brand, is one of the sponsors and exhibitors in the ESGS Event this October 27-29, 2017 at the SMX Convention Center..... See More
 
MSI Gaming joins the biggest gaming event in the philippines, E-SPORTS and gaming summit 2017
Techworld Date Posted: 10:21 AM | 817 Views
Pasay City, Philippines – Micro-star International or MSI, the world’s best-selling gaming laptop brand, is one of the sponsors and exhibitors in the ESGS Event this October 27-29, 2017 at the SMX Convention Center....See More

 
Kaspersky Lab Helps to Secure Bionic Technologies for People with Disabilities
Techworld Date Posted: 28 February 2019 2:14 PM | 170 Views
Kaspersky Lab experts investigating the experimental cloud infrastructure for advanced bionic prostheses have identified several previously unknown security issues that could enable a third party to access, manipulate, steal or even delete the private.... See More
 
Kaspersky Lab Helps to Secure Bionic Technologies for People with Disabilities
Techworld Date Posted: 2:14 PM | 170 Views
Kaspersky Lab experts investigating the experimental cloud infrastructure for advanced bionic prostheses have identified several previously unknown security issues that could enable a third party to access, manipulate, steal or even delete the private...See More

 
Playing an Integral Part of the Nation’s Modernization through Security, Fire and Safety
Techworld Date Posted: 7 August 2018 10:14 AM | 784 Views
The second edition of the Philippines’ leading security, fire and safety event, IFSEC Philippines took place on 29 May – 1 June 2018 at the SMX Convention Center. Attended by 3,879 visitors from around.... See More
 
Playing an Integral Part of the Nation’s Modernization through Security, Fire and Safety
Techworld Date Posted: 10:14 AM | 784 Views
The second edition of the Philippines’ leading security, fire and safety event, IFSEC Philippines took place on 29 May – 1 June 2018 at the SMX Convention Center. Attended by 3,879 visitors from around...See More

 
AKAMAI POSITIONED IN LEADERS QUADRANT OF GARTNER MAGIC QUADRANT FOR WEB APPLICATION FIREWALLS
Techworld Date Posted: 24 August 2017 10:38 AM | 223 Views
Akamai Technologies, Inc. (NASDAQ: AKAM), the world's largest and most trusted cloud delivery platform, today announced it has been acknowledged by Gartner, Inc. in the "Leaders" quadrant of the "Magic Quadrant for Web Application.... See More
 
AKAMAI POSITIONED IN LEADERS QUADRANT OF GARTNER MAGIC QUADRANT FOR WEB APPLICATION FIREWALLS
Techworld Date Posted: 10:38 AM | 223 Views
Akamai Technologies, Inc. (NASDAQ: AKAM), the world's largest and most trusted cloud delivery platform, today announced it has been acknowledged by Gartner, Inc. in the "Leaders" quadrant of the "Magic Quadrant for Web Application...See More

 
The Rise of Thingbots in the Philippines
Techworld Date Posted: 26 October 2017 1:06 PM | 220 Views
Thingbots, botnets built exclusively from IoT devices, are set to become the infrastructure for a future darknet. This is one of the key findings of F5 Networks’s latest report,. See More
 
The Rise of Thingbots in the Philippines
Techworld Date Posted: 1:06 PM | 220 Views
Thingbots, botnets built exclusively from IoT devices, are set to become the infrastructure for a future darknet. This is one of the key findings of F5 Networks’s latest report,See More

 
Kaspersky partners with Temasek Polytechnic to offer technical cybersecurity courses to more Singaporeans
Techworld Date Posted: 30 August 2019 4:18 PM | 86 Views
Kaspersky partners with Temasek Polytechnic to offer technical cybersecurity courses to more Singaporeans. See More
 
Kaspersky partners with Temasek Polytechnic to offer technical cybersecurity courses to more Singaporeans
Techworld Date Posted: 4:18 PM | 86 Views
Kaspersky partners with Temasek Polytechnic to offer technical cybersecurity courses to more SingaporeansSee More

 
Sony’s Xperia XZ Premium Gets Android 8.0 Oreo Upgrade
Techworld Date Posted: 4 December 2017 4:42 PM | 202 Views
Sony’s Xperia XZ Premium is getting an OS upgrade. The Android 8.0 Oreo update is now available for Sony’s flagship smartphone but it also goes beyond the usual as it brings with it cool.... See More
 
Sony’s Xperia XZ Premium Gets Android 8.0 Oreo Upgrade
Techworld Date Posted: 4:42 PM | 202 Views
Sony’s Xperia XZ Premium is getting an OS upgrade. The Android 8.0 Oreo update is now available for Sony’s flagship smartphone but it also goes beyond the usual as it brings with it cool...See More


Power by

Download Free AZ | Free Wordpress Themes