• Follow Us On : 

Trend Micro Research Reveals Serious Vulnerabilities in Critical Industry 4.0-IT Interfaces


Redaksi | Kamis,06 Agustus 2020 - 03:41:08 WIB
Dibaca: 409 kali 
Trend Micro Research Reveals Serious Vulnerabilities in Critical Industry 4.0-IT Interfaces

Protocol gateways prove critical for smart industrial environments

CHINA - Media OutReach - August 6, 2020 - Trend Micro Incorporated (TYO: 4704; TSE: 4704), the global leader in cloud security, today released research revealing a new class of security vulnerabilities in protocol gateway devices that could expose Industry 4.0 environments to critical attacks.

Also known as protocol translators, protocol gateways allow machinery, sensors, actuators and computers that operate in industrial facilities to talk to each other and to IT systems that are increasingly connected to such environments.

"Protocol gateways rarely get individual attention, but their importance to Industry 4.0 environments is significant and can be singled out by attackers as a critical weak link in the chain," said Bill Malik, vice president of infrastructure strategy for Trend Micro. "By responsibly disclosing nine zero-day vulnerabilities with the affected vendors, Trend Micro is leading the way with industry-first research that will help to make global OT environments more secure."

Trend Micro Research analyzed five popular protocol gateways focused around translation of Modbus, one of the most widely used OT protocols globally.

As detailed in the new report, vulnerabilities and weaknesses found in these devices include:

  • Authentication vulnerabilities allowing unauthorized access
  • Weak encryption implementations allowing decryption of configuration databases
  • Weak implementation of authentication mechanisms resulting in disclosure of sensitive information
  • Denial of Service conditions
  • Flaws in the translation function that could be used to issue stealth commands to sabotage operations

Attacks leveraging such weaknesses could allow malicious hackers to view and steal production configurations and sabotage key industrial processes by manipulating process controls, camouflaging malicious commands with legitimate packets, and denying process control access.

The report makes several key recommendations for vendors, installers and end users of industrial protocol gateways:

  • Consider the design of products carefully before selection. Ensure they have adequate packet filtering capabilities, so that devices aren't prone to translation errors or denial of service
  • Do not rely on a single point of control for the security of the network. Combine ICS firewalls with traffic monitoring for improved security
  • Spend time on configuring and protecting the gateway -- use strong credentials, disable unnecessary services and enable encryption where supported
  • Apply security management to protocol gateways as any other critical OT asset, i.e. regular assessments for vulnerabilities/misconfiguration, and regular patching

The results of this research was presented at Black Hat USA on August 5. To read the full report, please visit: https://www.trendmicro.com/vinfo/hk/security/news/internet-of-things/lost-in-translation-when-industrial-protocol-translation-goes-wrong 

About Trend Micro
Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks, and endpoints. All our products work together to seamlessly share threat intelligence and provide a connected threat defense with centralized visibility and control, enabling better, faster protection. With more than 6,000 employees in over 50 countries and the world's most advanced global threat intelligence, Trend Micro secures your connected world.


Akses Wahanariau.com Via Mobile m.Wahanariau.com
Untuk Berbagi Berita / Informasi / Peristiwa
Silahkan SMS ke nomor HP : 085271472010
atau email ke alamat : [email protected]
Harap camtumkan detail data diri Anda
Pengutipan Berita dan Foto, Cantumkan Wahanariau.com Sebagai Sumber Tanpa Penyingkatan
TULIS KOMENTAR
BERITA TERKAIT
Kamis,30 Agustus 2018

Trend Micro Report Reveals Criminals Increasingly Drawn To Low-Profile Attacks

Midyear Security Roundup combines expansive Trend Micro data to offer business insights on growing t

Rabu,20 November 2019

Trend Micro Predicts Escalating Cloud and Supply Chain Risk

Cyber risk increases at all layers of the corporate network as we enter a new decade CHINA - Media

Rabu,27 Mei 2020

Trend Micro Research Finds Trust Lacking Within the Cybercriminal Underground

Report details changing tactics and global demand for new malicious services like Deepfake ransomwar

Selasa,26 Februari 2019

Trend Micro New Offering Enables Telecom Provides to Push a Security Layer Across Users’ Digital Life

Trend Micro Consumer Connect stops threats before they can compromise smart home or mobile devices

Rabu,31 Oktober 2018

Trend Micro and NTT DOCOMO Collaborate to Provide New Solution for 5G Era

Technical verification already underway of this IoT security solution HONG KONG, CHINA - 

Rabu,23 Januari 2019

Trend Micro’s Telecom Security Solution Receives VMware-Ready Certification

Interoperability helps telecom and service providers to further alleviate network risks experienced

BERITA LAINNYA
Jumat,23 Oktober 2020

Recreate Cinematic Experiences with Samsungs Latest Displays and Soundbars, Right In Your Living Room

Engage your senses for an immersive theatrical experience in the comfort of your home SINGAPORE - M

Jumat,23 Oktober 2020

EML Payments: Storing up value

LONDON - EQS Newswire - 23 October 2020 - EML Payments is a specialist payment solutions provider wi

Jumat,23 Oktober 2020

Meet K-Drama Stars of New Series ''KAIROS'' on #TwitterBlueroom Live Before its Premiere

"Following Kpop, K-Drama is mesmerizing global fans--now on Twitter" Twitter announces

BERGABUNG DI SINI
KABAR POPULER
IKUTI BERITA KAMI