Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Vulnerable Out of Band Consoles Put Industrial Assets at Risk

Researchers Find Internet-Exposed, Poorly Protected Out of Band Consoles Commonly Used in Maritime and Oil & Gas Industries

Researchers Find Internet-Exposed, Poorly Protected Out of Band Consoles Commonly Used in Maritime and Oil & Gas Industries

Vulnerable, improperly protected Out of Band (OOB) consoles expose ships, drilling rigs, remote shore-based facilities, and even mobile vehicles to attackers, researchers from security firm Pen Test Partners warn.

The use of OOB management proves highly useful in the event of equipment failure or lost satellite connections, especially since it incurs significantly lower costs compared to having to fly in an engineer to remedy the situation. 

Learn More: Explore Industrial Cybersecurity at SecurityWeek’s ICS Cyber Security Conference

OOB consoles found on-site ensure that incidents can be resolved fast, via a backup satcom connection. What may cause an issue, however, is keeping poorly protected OOB consoles exposed to the Internet, Pen Test Partners’ Ken Munro says

Numerous Uplogix 3200 devices – an OOB console that protects passwords poorly (CVE-2019-12873) and which has reached end-of-life (EOL) four years ago – can be found connected to the public Internet, which poses a great risk for their owners. 

Normally, physical access to the device is required to recover credentials, but credentials are often re-used across sites and devices resold, not to mention that weak credentials render devices susceptible to brute force. 

Advertisement. Scroll to continue reading.

“Brute force can take a lot of bandwidth. A lot of bandwidth on a high-latency connection. A very expensive connection. Ping responses can take 700ms or more,” Munro points out. 

A Shodan search revealed over 50 devices connected to the Internet, most of them in the United States. Attacks on them could either result in device compromise or a huge bill for the victim, given the costly connection, the researchers argue. 

However, OOB management devices that use cellular data can also be targeted if not properly secured. 

The eWon Flexy Internet of Things router, for example, uses default credentials (adm/adm), protects security keys rather poorly, and also exposes encrypted VPN Private Certificate. And there are roughly 3500 of such devices accessible from the public Internet, the researchers say. 

While keeping OOB consoles out of the Web (behind a NAT) and ensuring that strong credentials are used should mitigate risks, there are plenty of other issues that impact maritime security overall, Pen Test Partners’ Nigel Hearne reveals. 

Over the past year, the researchers noticed reoccurring issues such as the lack of understanding and interaction between IT and OT, deliberate bypass of security features, poor configuration and management, and “terrible” security provided by maritime technology vendors. 

During their pen testing of ships and rigs in 2019, the researchers found a long list of issues, such as a maritime-specific security product that was vulnerable, poor documentation of on-board networks, Wi-Fi access points connected to critical systems, dual-homed PCs bridging networks, supplier remote access systems still in place, password re-use, default credentials, and lack of adequate patching. 

Related: Hackers Can Hijack, Sink Ships: Researchers

Related: Maritime Cybersecurity: Securing Assets at Sea

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

ICS/OT

Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).

ICS/OT

Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.

ICS/OT

More than 1,300 ICS vulnerabilities were discovered in 2022, including nearly 1,000 that have a high or critical severity rating.

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...

ICS/OT

Siemens and Schneider Electric address nearly 100 vulnerabilities across several of their products with their February 2023 Patch Tuesday advisories.