In May, researchers at Microsoft discovered that a threat group known as Volt Typhoon, which is sponsored by the nation-state of China, was targeting U.S. critical infrastructure (CI) using living-off-the-land techniques. To gain initial access to targeted systems, attackers used internet-facing Fortinet Fortiguard security devices, which are meant to protect Internet of Things (IoT) devices.
Despite that, the Volt Typhoon attackers abused that hardware to do the exact opposite of what it was supposed to do. The result: Organizations in critical sectors like transportation, construction, government, information technology, and more were compromised.
Threats to the growing Internet of Things aren’t new. The FBI’s Internet Crime Complaint Center (IC3) issued a warning about IoT threats in 2015. A year later, in 2016, Mirai — a botnet made up of hundreds of thousands of compromised IoT devices — was linked to large scale distributed denial of service (DDoS) attacks.
[ See ConversingLabs interview: Modern Risks to the Internet of Things and Software Supply Chains ]
Security as an afterthought for IoT: No more
Despite these incidents, cybersecurity has remained an afterthought in the IoT space. The gap in the protection of IoT devices is what NetRise co-founder and CEO Thomas Pace is trying to solve for. His company works with organizations to better assess the cybersecurity of firmware and the devices that run it.
Pace believes that taking the time to unpack, reverse engineer and analyze firmware is the best way to ensure that organizations are protected from threat actors targeting embedded devices and are not flying blind when it comes to IoT risk. Based on what he has seen in this market, this is a must-have capability. Customers that rely on manufacturers to alert them to vulnerabilities or risks in their IoT devices may struggle to stay on top of scores or hundreds of vendor connections and find they are on the back foot when new IoT threats and attacks emerge.
Watch and learn with ConversingLabs
Recently, Pace visited the ReversingLabs booth at Black Hat USA and chatted with ConversingLabs host Paul Roberts. In this conversation, Pace gives an overview of the problems facing IoT devices, and the extent to which IoT devices can be abused. Pace also talks about how threat actors are expanding malicious campaigns to include attacks on IoT software supply chains.
See the full ConversingLabs episode with Pace, Modern Risks to the Internet of Things and Software Supply Chains, or listen to it wherever you get your podcasts.