Forescout's 'SIERRA:21 - Living on the Edge' Analysis of New Vulnerabilities within OT and IoT

Forescout has been described as one of the global leaders in cybersecurity. With solutions focused on network security, risk and exposure management, and threat detection and response, Forescout tackles real-world use cases involving network access and control, network segmentation, asset inventory, ZTNA, and OT and IoT security (the focus of this story), as well as cases necessitating stronger medical device security, automation, device compliance and SIEM modernization. These use cases span financial services, healthcare, energy and utilities, and education, to name a few.

“See it. Secure it. Identify, protect and ensure the compliance of every cyber asset, continuously.” That’s a big M.O. for Forescout, especially when applied to IT, OT, IoT and beyond, but here we are.

In that vein, we have a new report produced by Forescout Research’s Vedere Labs – “SIERRA:21 – Living on the Edge” – which has uncovered almost two dozen new vulnerabilities in critical infrastructure, emphasizing the need for intelligent risk mitigation going into the new year.

Specifically, 21 new vulnerabilities have been identified that affect OT and IoT routers, increasing risk exposure. Notably, the affected products are currently prevalent in multiple IoT-involved industries such as healthcare/IoMT, manufacturing, fintech, power generation, government, and elsewhere.

The long-story-short of it: The report found more than 86,000 vulnerable devices exposed online across critical sectors.

Additional context: “SIERRA:21 – Living on the Edge” features research into Sierra Wireless AirLink cellular routers and some of their open-source components, such as TinyXML and OpenNDS. Sierra Wireless routers are popular; an open database of Wi-Fi networks shows 245,000 networks worldwide running Sierra Wireless for a variety of applications. For example, Sierra Wireless routers are used in police vehicles to connect to a central network management system or to stream surveillance video, in manufacturing plants for industrial asset monitoring, in healthcare facilities to provide temporary connectivity, and to manage electric vehicle (EV) charging stations. That said, the 21 new vulnerabilities have the potential to stop vital communications, which could have a noticeable effect on everyday life.

Forescout Research also discovered that:

  • The attack surface is expansive, with those aforementioned 86,000 vulnerable routers still exposed online. Fewer than 10% of these routers are confirmed to be patched against previously known vulnerabilities found since 2019.

  • Regions with the highest number of exposed devices include:
    • 68,605 devices in the U.S.
    • 5,580 devices in Canada
    • 3,853 devices in Australia
    • 2,329 devices in France
    • 1,001 devices in Thailand

  • Among the 21 vulnerabilities, one has critical severity (a CVSS score of 9.6), nine have high severity, and 11 have medium severity. These vulnerabilities allow attackers to steal credentials, take control of a router by injecting malicious code, persist on the device and use it as an initial access point into critical networks.
  • “Patching can’t fix everything.” Ninety percent of devices exposing a specific management interface have reached “end-of-life” status, meaning they cannot be further patched.
  • It’s an uphill battle to secure supply chain components. Open-source software elements continue to go unchecked and increase the attack surface of critical devices, leading to vulnerabilities that may be hard for organizations to track and mitigate.

“We are raising the alarm because there remain thousands of OT/IoT devices representing an increased attack surface that requires attention,” advised Elisa Costante, VP at Forescout Research – Vedere Labs. “Vulnerabilities impacting critical infrastructure are like an open window for bad actors in every community. State-sponsored actors are developing custom malware to use routers for persistence and espionage. Cybercriminals are also leveraging routers and related infrastructure for residential proxies and to recruit into botnets. Our discoveries reaffirm the need for heightened awareness of the OT/IoT edge devices that are so often neglected.”

To learn more from the “SIERRA:21 – Living on the Edge” report, read here.




Edited by Greg Tavarez