Security News > 2020 > December > Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure
According to researchers at Armis, a whopping 97 percent of the OT devices impacted by URGENT/11 have not been patched, despite fixes being delivered in 2019.
"URGENT/11 could allow attackers to remotely exploit and take over mission critical devices, bypassing traditional perimeter and device security. Every business with these devices needs to ensure they are protected," said Yevgeny Dibrov, CEO and co-founder of Armis, when the bugs were discovered.
"The vulnerabilities in these unmanaged and IoT devices can be leveraged to manipulate data, disrupt physical world equipment, and put people's lives at risk."
The bugs can allow attackers with an existing foothold in the network to break through network-segmentation efforts and remotely take over millions of devices.
"Most of the IT, internet of medical things, OT and IoT devices lack any means of installing cybersecurity software or agents, which means you need to have agentless protection capable of discovering every device in the environment and detecting vulnerable code on devices," Seri added.
News URL
https://threatpost.com/unpatched-iot-ot-devices-threaten-critical-infrastructure/162275/
Related news
- SOCI Act 2024: Thales Report Reveals Critical Infrastructure Breaches in Australia (source)
- Food security: Accelerating national protections around critical infrastructure (source)
- SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments (source)
- Russian military hackers linked to critical infrastructure attacks (source)
- 80% of Critical National Infrastructure Companies Experienced an Email Security Breach in Last Year (source)
- Despite Russia warnings, Western critical infrastructure remains unprepared (source)
- Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk (source)