2021 will be remembered as the year ransomware gangs turned their attention to critical infrastructure, targeting companies built around manufacturing, energy distribution, and food production.
The Colonial Pipeline ransomware attack alone led to the shutdown of the 5,500-mile pipeline, for fear that the ransomware attack on the IT network would spread to the operational network that controls the pipeline for fuel distribution.
Operational technology (OT) networks control production lines, power plants, and the devices essential to the continued operation of energy supplies. As a result, they are typically segmented from the corporate, internet-connected IT network to better separate critical hardware from cyberattacks. Successful attacks on OT networks are rare, but following the Colonial ransomware attack, CISA warned of an increasing threat to critical infrastructure owners.
Security researchers are now warning about the risks posed by embedded devices on these OT networks. Embedded device security provider Red Balloon Security has announced a new study finding that ransomware can be deployed on embedded systems used in real-world networks.
The company said it discovered a vulnerability in the Schneider Electric Easergy P5 protection relay, a key device for the operation and stability of modern power grids that triggers a circuit breaker when a failure is detected.
This vulnerability could be exploited to deploy a ransomware payload, a “sophisticated but reproducible” process that Red Balloon says it has achieved. A Schneider Electric spokesman told TechCrunch that he was “extremely wary of cyber threats” and that “after learning about the vulnerabilities in the Schneider Electric Easergy P5 protection relay, we immediately worked to resolve them.”
Ang Cui, founder and co-CEO of Red Balloon, told TechCrunch that while ransomware attacks have hit the IT networks of critical infrastructure providers, a successful breach of an OT embedded device could be “much more damaging.”
“Companies are new to or inexperienced in recovering from attacks on the embedded device itself,” he said. “If a device is destroyed or irreparable, you will need to procure a replacement device. This can take several weeks due to limited supply.”
Security veteran Window Snyder, who last year launched a startup to help IoT makers deliver software updates reliably and securely, said embedded devices could become an easy target, especially as other entry points become more resilient.
When it comes to embedded systems, “many of them don’t have privilege separation, many of them don’t have code and data separation, and many of them were developed with the idea that they’re sitting. That’s not enough for networks with air gaps,” Snyder told TechCrunch.
According to a Red Balloon study, the security built into these devices, which are often decades old, needs to be improved, and the company is calling on government and commercial end users to demand higher standards from the vendors who manufacture them.
“Issuing firmware fixes is a responsive and inefficient approach that does not address the overall instability of the most mission-critical industries and services,” says Cui. “Vendors need to increase security down to the embedded device level.” He also believes that the US government needs to do more work at the regulatory level, and that more pressure needs to be put on device makers who are not currently motivated to build more security in at the device level.
However, Snyder believes that a regulatory-led approach is unlikely to help. “I think the most useful thing is to reduce the attack surface and increase the compartmentalization,” she says. “We’re not going to regulate escape from safer devices. Someone needs to get out there and build resilience with them.”
The post Are embedded devices the next ransomware target? – TechCrunch appeared first on California News Times.