• Iot Forum
  • About us
  • Write for us
  • Contact us
  • Newsletter signup
IOT News - Internet of Things
  • IoT Forum
  • Hardware
    • Networking
  • Smart Home
  • Digital Transformation
    • All
    • Artificial Intelligence
    • Blockchain IoT
    • Enterprise IoT
    • Industrial IoT
    • Machine Learning
    • Smart City
    CES 2022 show highlights: Robo-dogs, self-sailing boat, brain tech

    CES 2022 show highlights: Robo-dogs, self-sailing boat, brain tech

    Quanergy and iCent to Showcase Advanced Electric Vehicle Charger Robot at #CES2022

    Quanergy and iCent to Showcase Advanced Electric Vehicle Charger Robot at #CES2022

    Awake Security Advances AI-powered Security for Faster Threat Protection and Remediation

    UN urges moratorium on AI tech that threatens rights

    • Wearables
    • Artificial Intelligence
    • Machine Learning
    • Industrial IoT
  • Cloud
  • Security
  • 5G IoT
  • Cars
No Result
View All Result
  • IoT Forum
  • Hardware
    • Networking
  • Smart Home
  • Digital Transformation
    • All
    • Artificial Intelligence
    • Blockchain IoT
    • Enterprise IoT
    • Industrial IoT
    • Machine Learning
    • Smart City
    CES 2022 show highlights: Robo-dogs, self-sailing boat, brain tech

    CES 2022 show highlights: Robo-dogs, self-sailing boat, brain tech

    Quanergy and iCent to Showcase Advanced Electric Vehicle Charger Robot at #CES2022

    Quanergy and iCent to Showcase Advanced Electric Vehicle Charger Robot at #CES2022

    Awake Security Advances AI-powered Security for Faster Threat Protection and Remediation

    UN urges moratorium on AI tech that threatens rights

    • Wearables
    • Artificial Intelligence
    • Machine Learning
    • Industrial IoT
  • Cloud
  • Security
  • 5G IoT
  • Cars
No Result
View All Result
IOT News - Internet of Things
No Result
View All Result
Home Security

ExtraHop Threat Research Team Finds One in Three IT Environments Vulnerable to Ripple20 Threat

Report from ExtraHop predicts broad exploitation of devices in a wide range of industries utilizing Treck software

IoTNews.com by IoTNews.com
September 11, 2020
in Security
0
AWS Announces General Availability of Amazon Fraud Detector
13
SHARES
76
VIEWS
Share on FBShare on TwitterShare on LinkedinReddit

SEATTLE: ExtraHop, the leader in cloud-native network detection and response, today issued a report warning of the potential impact of the Ripple20 vulnerabilities if affected software goes undetected and unpatched. Analyzing data across its customer base, ExtraHop threat researchers found that 35% of IT environments are vulnerable to Ripple20. The Ripple20 threat is a series of 19 vulnerabilities found in the Treck networking stack, a low-level TCP/IP software library developed by Treck Inc. that is commonly used by device manufacturers across many industries, including utilities, healthcare, government, and academia. The impact of this threat “ripples” through complex software supply chains, making it a difficult vulnerability to mitigate.

The JSOF threat research organization found the Ripple20 vulnerability (CVE-2020-11901) in June 2020, and unveiled the details to impacted device manufacturers and security vendors to give them ample time to deploy patches and create detections before releasing their findings to the general public. The ExtraHop threat research team studied customer data and discovered vulnerable software in one out of every three IT environments. With industry average dwell times hovering around 56 days, these devices are a ticking time bomb if left alone. ExtraHop experts predict that this exploit will be widely used by attackers as an easy backdoor into networks across industries around the globe.

“The devices that utilize the Treck stack are far-reaching with the potential for vast exploitation,” said Jeff Costlow, CISO, ExtraHop. “A threat actor could conceivably use this vulnerability to hide malicious code in the embedded devices for an extended period of time, and traditional endpoint or perimeter security solutions like EDR or NGFW will not have visibility into this set of exploits.”

Visibility and behavioral analysis of managed and unmanaged devices, including IoT, and visibility into unusual activity from potentially exploited devices within an organization’s east-west traffic, are table stakes for a secure network. Organizations can take a number of steps to help mitigate the risk from Ripple20.

ExtraHop mitigation recommendations include:

  • Patching: Vendors utilizing the Treck Software were given early access to the threat details so they could start producing patches immediately. Unfortunately, a large number of devices have discontinued support, which has made it difficult to account for all vulnerable device makes and models.
  • Removal from Service: If a patch is unavailable for the affected device, it’s recommended that organizations consider removing devices from service entirely and replacing them with known secure devices. Removing the device will improve hygiene and compliance, critical for keeping environments secure.
  • Monitor for Scanning Activity: Before a vulnerable device can be compromised, attackers must first find it. Organizations will need to assess their own practices to understand and monitor which scans are legitimate and which could indicate malicious intent.
  • Exploit Detection: Because not all vulnerable devices may be identified and patched, it is crucial that organizations detect unusual activity resulting from a Ripple20 exploit as it occurs, such as lateral movement and privilege escalation. Network-based detection is a requirement in this case because embedded devices that use the Treck software will not support endpoint agents.
  • Isolate Vulnerable Devices: In circumstances where it is not possible to patch affected devices, it is recommended that security teams take the following steps:
    • Verify devices are not publicly accessible
    • Move devices to a network segment isolated from local subnets
    • Drop all IP-in-IP traffic destined for affected devices
    • Drop all IPv6 traffic destined for affected devices

Read full report in PDF format

JOIN OUR IoT COMMUNITY
IoTForums.com
×
Continue to iotForums.com
Internet of Things platforms, projects, development, devices & support forum
for developers and enthusiasts
Tags: cybersecurityExtraHopiot devicesiot security
Share5Tweet3Share1Share
Previous Post

Machine-learning nanosatellites to monitor global trade

Next Post

Spain to invest 600 mn euros in artificial intelligence

Related Posts

Enhanced NETGEAR Armor Helps Deliver Next-Gen Protection for Connected Devices

Enhanced NETGEAR Armor Helps Deliver Next-Gen Protection for Connected Devices

by IoTNews.com
August 11, 2021
0

NETGEAR, Inc. (NASDAQ: NTGR), the leading provider of award-winning connected products designed to simplify and improve people's lives, today announced...

30 Golden Rules for Online Security and Browsing the Internet safely

30 Golden Rules for Online Security and Browsing the Internet safely

by IoTNews.com
June 27, 2021
0

I initially developed this list to help family members browse the internet safely and secure their computers and cryptocurrency wallets....

Awake Security Advances AI-powered Security for Faster Threat Protection and Remediation

Awake Security Advances AI-powered Security for Faster Threat Protection and Remediation

by IoTNews.com
July 24, 2020
0

Awake Security, the only advanced network detection and response company that delivers answers, not alerts, today announced platform enhancements that...

IoT Forum Discussions

How to Build a Smart Home App

Everyone desires comfort and security in their daily lives. However, the current situation is moving so quickly that people are wondering when they will be lonely in their lives. Imagine coming back to find that everything has been automated and is ready! Let it be evening tea with a favourite song playing in the background. Isn't your solitary life about to change forever after that? The arrival of IoT promises limitless possibilities for changing people's lives, and smart homes are one... How to Build a Smart Home App [...]

How IoT App Development is Changing the Oil and Gas Industry

IoT essentially is an arrangement of gadgets and framework related with the web. With the IoT, these frameworks can pass information on to other related gadgets. Like for some different ventures, today the modern web of things (IIoT) is the eventual fate of the oil and gas industry also. As the web of things' (IoT) organization of gadgets, sensors, and programming understands the adjustment of purchaser's regular day to day existences, this particular industry is falling behind. Oil and gas... How IoT App Development is Changing the Oil and Gas Industry [...]

SUBSCRIBE TO OUR FREE NEWSLETTER
* we never share your e-mail with third parties.
SUBSCRIBE NOW

Categories

  • 5G IoT
  • Artificial Intelligence
  • Blockchain IoT
  • Cloud Computing
  • Connected Car
  • Digital Transformation
  • Enterprise IoT
  • Industrial IoT
  • IoT Hardware
  • Machine Learning
  • Networking
  • Security
  • Smart City
  • Smart Home
  • Wearables

Stay Connected with IoTNews

IOT News - Internet of Things

© 2020 IoTNews.com

Navigate Site

  • Home
  • About us
  • Write for us
  • Contact Us
  • Newsletter signup

Follow Us

No Result
View All Result
  • IoT Forum
  • Hardware
    • Networking
  • Smart Home
  • Digital Transformation
    • Wearables
    • Artificial Intelligence
    • Machine Learning
    • Industrial IoT
  • Cloud
  • Security
  • 5G IoT
  • Cars

© 2020 IoTNews.com