Global cyberwar: Endpoints serve as gateways for hackers

  • NATO partners register “increased aggressive scanning activity” for vulnerabilities  
  • Routers, smart machines, manufacturing, and all networked assets make it easier for hackers to gain access  
  • IoT Inspector offers free security checks for critical infrastructures 

Dusseldorf, Germany, March 1, 2022 – The German Federal Office for Information Security (BSI) sent out its third warning letter to local companies and government agencies last week to warn of massive cyberattacks in the wake of the war in Ukraine. “Within a few days, the emergency of a war in Europe has become reality. Any IT infrastructure now requires special protection against hacking attacks, and alerts must be at the highest level. Critical infrastructure is especially at risk,” warns Jan Wendenburg, CEO of IoT Inspector. His team has developed the largest European platform for automated security checks of firmware on the Internet of Things. The scans detected by NATO, which point to hackers, include every gateway into an infrastructure to harm businesses, government agencies and institutions. Network building blocks such as routers, IP cameras, IP phones, system controllers, industrial production equipment, and smart buildings often serve as entry points.

Critical infrastructures particularly affected – IoT Inspector offers free security checks

IoT Inspector’s automated process allows for automated device firmware checks within minutes. Following warnings from the BSI and other international security authorities, IoT Inspector offers critical infrastructures a free security check to identify potentially dangerous IoT endpoints in just a few minutes. This allows for quick decision-making on whether to update or disconnect the devices from the network. Infrastructure operators can contact IoT Inspector directly to take advantage of this first aid quickly and without red tape.

Device manufacturers are also encouraged to close security gaps and fix them via firmware updates. Tests conducted in IoT Inspector’s lab found dangerous potential for successful hacking attacks in nearly every device. The danger here is greater than ever: the day before the Russian invasion of Ukraine, numerous distributed denial of service attacks, or DDoS, were recorded against Ukrainian critical infrastructure. As with previous DDoS attacks, so-called wipers were also found on Ukrainian computers. These programs are designed to delete data and render computers unusable – a typical weapon in cyberwar.

Scanning activity must be taken seriously

The aggressive scanning activity increasingly detected in networks around the globe in recent days is seen by the BSI as possible preparatory actions for later attacks. “The activities must be taken very seriously, and measures to counter them must be taken as quickly as possible,” says Jan Wendenburg of IoT Inspector. According to the BSI, however, collateral damage outside of Ukraine could not be ruled out, and the agency considered possible scenarios to include computer worms such as WannaCry and NotPetya, or targeted attacks on supply chains to attack basic services as well as energy, water, and medical facilities. A quick response is therefore necessary, according to IT experts at BSI and IoT Inspector. The faster risks are checked, the faster dangerous security gaps can be closed by manufacturers, IT departments and authorities.

About ONEKEY

ONEKEY (formerly IoT Inspector) is the leading European platform for automated security & compliance analysis for industrial (IIoT & ICS), manufacturing (OT) and Internet of Things (IoT) devices. Using automatically generated “Digital Twins” and “Software Bill of Materials (SBOM)” of devices, ONEKEY autonomously analyzes firmware for critical security vulnerabilities and compliance violations, all without source code, device, or network access. Vulnerabilities for attacks and security risks are identified in the shortest possible time and can thus be specifically remedied. Easily integrated into software development and procurement processes, the solution enables manufacturers, distributors, and users of IoT technology to check security and compliance quickly and automatically before use and 24/7 throughout the product lifecycle. Leading companies such as SWISSCOM, VERBUND AG and ZYXEL are using this platform today – universities and research institutions can use the ONEKEY platform for study purposes free of charge.

CONTACT:

Sara Fortmann

Marketing Manager

sara.fortmann@onekey.com

 

euromarcom public relations GmbH

+49 611 973 150

team@euromarcom.de

Share on facebook
Share on twitter
Share on pinterest
Share on linkedin
Share on xing
Share on email