Monday, 15 May 2023 16:05

Cloud Management Systems for Three Industrial Cellular Providers Put OT Environments at Risk

Written by

Reading time is around minutes.

Cybersecurity firm OTORIO has announced several new vulnerabilities in cloud management platforms at Black Hat Asia 2023. The Israeli company named three industrial cellular providers with a total of eleven vulnerabilities which could allow for complete compromise of operational technology devices. These three providers represent a very large number of OT and IIoT (Industrial Internet of Things) devices, making them a serious concern.

The three companies identified are Sierra Wireless, InHand Networks and Teltonika Networks. Each has their own cloud management and monitoring offering. These management solutions are designed to allow for ease of management, configuration and inventory of devices. In industrial segments having a single pane of glass to monitor and control OT devices for industrial organizations is a great thing especially when you have multiple, and remote, sites you need to cover and (as always seems to be the case) limited staff. These types of solutions, when properly built and secure, are a good thing.

However, it seems that these groups have the platform for control but left out the security piece in many cases. For example, with Sierra Wireless, they have an flaw that allows an attacker to scan for unregistered devices (that are connected to the cloud) and using the available warranty registration tool gather the serial number and then register to an attacker controlled environment. The flaws found in InHand and Teltonika are just as bad and can allow an attacker to gain remote code execution with root privileges on devices and impersonate legitimate devices. Combined with the coverage of these service providers, and the severity, exploitation of these flaws could have a major impact on the industrial business space.

This is the second large scale revelation of exposures to IIoT and OT devices as 38 vulnerabilities were disclosed about three months ago. It is a concerning development for any industrial organization (including certain infrastructure). It is not beyond the scope of a threat group to leverage these vulnerabilities to hold an organization for ransom. If you can get into the cloud management system and take ownership of these devices, it would be a rough day for any organization hit.

To add insult to injury, industrial spaces are also one of the slowest spaces to remediate vulnerabilities like this as the cost can be significant. Remediation times are lengthy simply due to how many controls need to be updated and how remote and inaccessible some may be. The good news here is that these flaws are with the cloud management software and not embedded in each and every device. A fix should be relatively easy to roll out. The challenge might be in backwards compatibility. If updates to security make older devices unusable, then the fixes might indeed be slow to hit the real world.

Read 699 times

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.