IIoT software vulnerabilities fuel critical-infrastructure attacks–again
In August 2021, Forescout Research Labs and JFrog Security Research identified 14 vulnerabilities affecting the NicheStack TCP/IP stack, which the organizations dubbed INFRA:HALT.
TCP/IP stacks enable vendors to implement basic network communications for IP-connected systems, including IT, operational technology (OT) and Industrial Internet of Things (IoT) devices.
Indeed, NicheStack is present in myriad OT devices that are commonly used in several critical infrastructure sectors, such as manufacturing plants, water treatment, power generation and more.
The new vulnerabilities enable remote code execution, denial of service, information leak, TCP spoofing, or DNS cache poisoning.
Critical Infrastructure Attacks Reveal ICS Weak Spots
The vulnerabilities discovered illuminate the risk to critical infrastructure systems should they be compromised by malicious actors. These systems are aging and vulnerable, said experts.
“It is … an unfortunate example of the huge vulnerability of an aging infrastructure that has been connected, directly or indirectly, to the Internet,” said Curtis Simpson, CISO at Armis in a recent article on increasing attacks on critical infrastructure.
Forrester Research’s Brian Kim said that critical infrastructure organizations need to focus on identifying vulnerable OT devices within their estate, then focus on building a zero-trust strategy, using least privilege and network segmentation to prevent malicious actors from gaining access to critical systems.
To read the complete article, visit IoT World Today.