In May, researchers at Microsoft discovered that a threat group known as Volt Typhoon, which is sponsored by the nation-state of China, was targeting U.S. critical infrastructure (CI) using living-off-the-land techniques. To gain initial access to targeted systems, attackers used internet-facing Fortinet Fortiguard security devices, which are meant to protect Internet of Things (IoT) devices.
Despite that, the Volt Typhoon attackers abused that hardware to do the exact opposite of what it was supposed to do. The result: Organizations in critical sectors like transportation, construction, government, information technology, and more were compromised.
Threats to the growing Internet of Things aren’t new. The FBI’s Internet Crime Complaint Center (IC3) issued a warning about IoT threats in 2015. A year later, in 2016, Mirai — a botnet made up of hundreds of thousands of compromised IoT devices — was linked to large scale distributed denial of service (DDoS) attacks.
[ See ConversingLabs interview: Modern Risks to the Internet of Things and Software Supply Chains ]
Security as an afterthought for IoT: No more
Despite these incidents, cybersecurity has remained an afterthought in the IoT space. The gap in the protection of IoT devices is what NetRise co-founder and CEO Thomas Pace is trying to solve for. His company works with organizations to better assess the cybersecurity of firmware and the devices that run it.
Pace believes that taking the time to unpack, reverse engineer and analyze firmware is the best way to ensure that organizations are protected from threat actors targeting embedded devices and are not flying blind when it comes to IoT risk. Based on what he has seen in this market, this is a must-have capability. Customers that rely on manufacturers to alert them to vulnerabilities or risks in their IoT devices may struggle to stay on top of scores or hundreds of vendor connections and find they are on the back foot when new IoT threats and attacks emerge.
Watch and learn with ConversingLabs
Recently, Pace visited the ReversingLabs booth at Black Hat USA and chatted with ConversingLabs host Paul Roberts. In this conversation, Pace gives an overview of the problems facing IoT devices, and the extent to which IoT devices can be abused. Pace also talks about how threat actors are expanding malicious campaigns to include attacks on IoT software supply chains.
See the full ConversingLabs episode with Pace, Modern Risks to the Internet of Things and Software Supply Chains, or listen to it wherever you get your podcasts.
Keep learning
• Get up to speed with our special report: CSF 2.0 and C-SCRM for Software Risk Management. Plus: See the related expert panel discussion.
• Understand key trends and get expert insights with our special report package: The State of Supply Chain Security (SSCS) 2024. Plus: Download the full State of SSCS report.
• Learn key factors and best practices for managing software supply chain risk with Gartner's guidance. Plus: Watch the related Webinar and get the Gartner Report courtesy of RL.
• Read about why you need to upgrade your AppSec tools for the SSCS era. Plus: Download and share RL's Buyer's Guide for SSCS.
Explore RL's Spectra suite: Spectra Assure for software supply chain security, Spectra Detect for advanced file analysis, Spectra Analyze for malware analysis and threat hunting, and Spectra Intelligence for reputation data and intelligence.