Protocol gateways prove critical for smart industrial environments
HONG KONG,
CHINA - Media OutReach - August 6, 2020 - (;), the
global leader in cloud security, today released research revealing a new class of security
vulnerabilities in protocol gateway devices that could expose Industry 4.0
environments to critical attacks.
Also known as protocol translators, protocol
gateways allow machinery, sensors, actuators and computers that operate in
industrial facilities to talk to each other and to IT systems that are
increasingly connected to such environments.
"Protocol gateways rarely get individual
attention, but their importance to Industry 4.0 environments is significant and
can be singled out by attackers as a critical weak link in the
chain," said Bill Malik, vice president of infrastructure strategy
for Trend Micro. "By responsibly disclosing nine zero-day vulnerabilities
with the affected vendors, Trend Micro is leading the way with industry-first
research that will help to make global OT environments more secure."
Trend Micro Research analyzed five popular
protocol gateways focused around translation of Modbus, one of the most widely
used OT protocols globally.
As detailed in the new report,
vulnerabilities and weaknesses found in these devices include:
- Authentication
vulnerabilities allowing unauthorized access
- Weak
encryption implementations allowing decryption of configuration databases
- Weak
implementation of authentication mechanisms resulting in disclosure of
sensitive information
- Denial of
Service conditions
- Flaws in the
translation function that could be used to issue stealth commands to sabotage
operations
Attacks leveraging such weaknesses could
allow malicious hackers to view and steal production configurations and
sabotage key industrial processes by manipulating process controls,
camouflaging malicious commands with legitimate packets, and denying process
control access.
The report makes several key recommendations
for vendors, installers and end users of industrial protocol gateways:
- Consider the
design of products carefully before selection. Ensure they have adequate packet
filtering capabilities, so that devices aren't prone to translation errors or
denial of service
- Do not rely
on a single point of control for the security of the network. Combine ICS
firewalls with traffic monitoring for improved security
- Spend time on
configuring and protecting the gateway -- use strong credentials, disable
unnecessary services and enable encryption where supported
- Apply
security management to protocol gateways as any other critical OT asset, i.e.
regular assessments for vulnerabilities/misconfiguration, and regular patching
The results of this research was presented at
Black Hat USA on August 5. To read the full report, please
visit: https://www.trendmicro.com/vinfo/hk/security/news/internet-of-things/lost-in-translation-when-industrial-protocol-translation-goes-wrong
About Trend Micro
Trend Micro Incorporated, a global leader in cybersecurity
solutions, helps to make the world safe for exchanging digital information. Our
innovative solutions for consumers, businesses, and governments provide layered
security for data centers, cloud environments, networks, and endpoints. All our
products work together to seamlessly share threat intelligence and provide a
connected threat defense with centralized visibility and control, enabling
better, faster protection. With more than 6,000 employees in over 50 countries
and the world's most advanced global threat intelligence, Trend Micro secures
your connected world. For more information, visit www.trendmicro.com.hk.
http://www.media-outreach.com/release.php/View/43113#Contact