
New Vulnerability Allows DDoS Attack and Data Exfiltration on Billions of Devices

By Alicia Hope for CPO Magazine
Tuesday, June 16, 2020

Home users are not directly affected by the CallStranger vulnerability unless their Internet-enabled devices have UPnP endpoints. They are therefore advised against port forwarding to UPnP endpoints.

Increased risks for the enterprise

With the Internet of Things (IoT) becoming common in modern enterprise networks, the UPnP vulnerability increases the attack surface and makes it more likely that hackers will succeed in breaching networks. Hackers can now steal sensitive data through data exfiltration and shut down intranets by waging a DDoS attack on the host network. To prevent these forms of attack, organizations could disable UPnP support for IoT devices with access to sensitive information. Isolating such devices from the enterprise network could also prevent such attacks. However, updating the UPnP devices should be a priority for organizations.

Ilia Kolochenko, Founder & CEO of web security company ImmuniWeb, says shadow IT and the complexity of IT infrastructure make enterprise networks more vulnerable to attacks.

“Modern enterprises are characterized by a skyrocketing complexity of their IT infrastructure that may be dispersed across a hundred countries and maintained by thousands of third parties. On one side, this makes organizations extremely vulnerable and susceptible to cyber-attacks such as ransomware, which exploit shadow IT devices, unprotected cloud and abandoned servers as an entry point into their victim’s premises. On the other side, however, this convoluted intricacy makes global attack virtually impossible, as some disjoint parts of the central system will continue working in isolation. It is nonetheless perfectly possible to identify the ‘heart and the brain’ of the system and target it directly with disastrous consequences.”

He adds that, “We will likely see professional cyber mercenaries being hired not just for data theft campaigns but for highly destructive and damage-creation hacking campaigns. Amid the political and economic crisis of the unprecedented scale, many unscrupulous organizations and state actors won’t hesitate to crush their rivals by paralyzing their computerized factories, supply management chains and sales points. Given how interconnected our IT infrastructure has become, thanks to the rapid proliferation of IoT devices and connected objects, one wisely prepared attack could swiftly shut down a global company for several weeks or even months. Visibility, inventory and continuous monitoring of your digital assets and data is the key to avoid falling victim to the sophisticated attacks.”

