logo
Dates

Author


Conferences

Tags

Sort by:  

Conference:  Black Hat Asia 2023
Authors: Roni Gavrilov
2023-05-12

The adoption of Industry 4.0 and IoT (IIoT) technologies into industrial business operations has brought great operational and economic benefits, but also introduced new risks and challenges. One of the major risks is the potential for central points of failure (the cloud), which in the industrial remote access scenario can leave many industrial companies reliant on a single IIoT supplier's security level.IIoT suppliers often provide cloud-based management solutions to remotely manage and operate devices. While some research has been conducted on the security of these IIoT devices' firmwares and protocols, there is still much to learn about the unexpected security risks emerging from their cloud-based management platforms.In our research, we focused on the cloud-based management platforms of three major IIoT gateway suppliers - Sierra Wireless, Teltonika Networks, and InHand Networks. When investigating how they might be exploited by malicious actors, we found out these types of platforms can act as the backdoor for accessing multiple industrial and critical environments at once, bypassing perimeter and defense-in-depth security measures. During the session, we will present three attack vectors that could compromise cloud-managed IIoT devices through their cloud-based management platforms. The discovered vulnerabilities impact thousands of devices in industrial environments, bypassing NAT and traditional security layers. We will provide an in-depth overview of these vulnerabilities and demonstrate multiple vulnerabilities including RCE over the internet, bypassing NAT and reaching directly to the internal network, without any pre-conditions. At the end of the session, we will suggest practical recommendations for asset owners, security architects and IIoT vendors.