Wireless IIoT devices at risk from vulnerabilities.
Researchers at Otorio have discovered thirty-eight vulnerabilities affecting industrial internet-of-things (IIoT) devices from four separate vendors.
Flaws in IIoT devices.
Three of the vulnerabilities affect ETIC Telecom’s Remote Access Server (RAS), two of the flaws impact Sierra Wireless AirLink Router, and five affect InHand Networks InRouter 302 and InRouter 615. The rest of the vulnerabilities are still in the disclosure process.
The researchers note that attackers can use publicly available apps, such as WiGLE, to identify these types of vulnerabilities: “Our scanning uncovered thousands of wireless devices related to industrial and critical infrastructure, with hundreds configured with publicly known weak encryptions.
Security best practices for IIoT.
To mitigate IIoT vulnerabilities, Otorio offers the following recommendations:
- “Establishing a zero trust policy between cells and the L3 (control center), ensuring that if an attacker compromises a single cell, they won't be able to reach other cells or unnecessary services in the L3.
- “Applying a whitelist-based communication template monitored by the FW/IPS between L3 and the cells. The communication template will guarantee that only allowed traffic is sent from the cells to the L3.
- “Creating a proxy address for internet-managed devices (industrial cellular gateways, intelligent field devices, etc.). Traffic will be sent to the Proxy functionality, which will perform MITM to the data to detect any malicious behavior.”