OTORIO, a leading operational technology cyber and digital risk management solution provider, has announced that three major industrial cellular router vendors have vulnerabilities in their respective cloud management platforms. This leaves hundreds of thousands of devices and operational networks open to potential attacks, prompting concerns about the security of connecting operational technology to the cloud.
OTORIO Uncovers Security Flaws
At Black Hat Asia 2023, OTORIO Security Researcher Roni Gavrilov shared the company’s findings on the issue. In their research, OTORIO discovered 11 vulnerabilities among the cloud platforms studied, which allow remote code execution and complete control over numerous devices and operational networks. More surprisingly, even devices not actively configured to use the cloud are exposed to these vulnerabilities.
A Range of Exploitable Vulnerabilities
The study uncovered a variety of attack vectors, which differ according to the security level of each vendor’s cloud platform. Some of the vulnerabilities involve weaknesses in M2M (machine-to-machine) protocols and poor asset registration mechanisms. Attackers can exploit these vulnerabilities to gain root access through a reverse shell, compromise devices in the production network with unauthorized access and control, or even exfiltrate sensitive information and conduct shutdown operations.
Assessing the Risks in IIoT Devices
As the deployment of Industrial Internet of Things (IIoT) devices becomes more widespread, awareness of potential threats from their cloud management platforms is crucial. According to Gavrilov, a single exploited IIoT vendor platform can serve as a “pivot point” for attackers, giving them access to thousands of environments simultaneously. Of particular concern is that all three vendors’ platforms expose devices that have not been configured to use the cloud, which bypasses security layers in the Purdue Enterprise Reference Architecture Model.
OTORIO’s announcement sheds light on the significant security risks associated with industrial cellular router vendors, which could affect a large number of devices and operational networks. Companies must remain vigilant and continue prioritizing cybersecurity measures to protect their networks and ensure the safe adoption of IIoT devices.