- NATO partners register “increased aggressive scanning activity” for vulnerabilities
- Routers, smart machines, manufacturing, and all networked assets make it easier for hackers to gain access
- IoT Inspector offers free security checks for critical infrastructures
Dusseldorf, Germany, March 1, 2022 – The German Federal Office for Information Security (BSI) sent out its third warning letter to local companies and government agencies last week to warn of massive cyberattacks in the wake of the war in Ukraine. “Within a few days, the emergency of a war in Europe has become reality. Any IT infrastructure now requires special protection against hacking attacks, and alerts must be at the highest level. Critical infrastructure is especially at risk,” warns Jan Wendenburg, CEO of IoT Inspector. His team has developed the largest European platform for automated security checks of firmware on the Internet of Things. The scans detected by NATO, which point to hackers, include every gateway into an infrastructure to harm businesses, government agencies and institutions. Network building blocks such as routers, IP cameras, IP phones, system controllers, industrial production equipment, and smart buildings often serve as entry points.
Critical infrastructures particularly affected – IoT Inspector offers free security checks
IoT Inspector’s automated process allows for automated device firmware checks within minutes. Following warnings from the BSI and other international security authorities, IoT Inspector offers critical infrastructures a free security check to identify potentially dangerous IoT endpoints in just a few minutes. This allows for quick decision-making on whether to update or disconnect the devices from the network. Infrastructure operators can contact IoT Inspector directly to take advantage of this first aid quickly and without red tape.
Device manufacturers are also encouraged to close security gaps and fix them via firmware updates. Tests conducted in IoT Inspector’s lab found dangerous potential for successful hacking attacks in nearly every device. The danger here is greater than ever: the day before the Russian invasion of Ukraine, numerous distributed denial of service attacks, or DDoS, were recorded against Ukrainian critical infrastructure. As with previous DDoS attacks, so-called wipers were also found on Ukrainian computers. These programs are designed to delete data and render computers unusable – a typical weapon in cyberwar.
Scanning activity must be taken seriously
The aggressive scanning activity increasingly detected in networks around the globe in recent days is seen by the BSI as possible preparatory actions for later attacks. “The activities must be taken very seriously, and measures to counter them must be taken as quickly as possible,” says Jan Wendenburg of IoT Inspector. According to the BSI, however, collateral damage outside of Ukraine could not be ruled out, and the agency considered possible scenarios to include computer worms such as WannaCry and NotPetya, or targeted attacks on supply chains to attack basic services as well as energy, water, and medical facilities. A quick response is therefore necessary, according to IT experts at BSI and IoT Inspector. The faster risks are checked, the faster dangerous security gaps can be closed by manufacturers, IT departments and authorities.