The Elephant in OT Environments: Wireless IIoT Security

09 Feb 2023

Internal OT networks are susceptible to malicious attacks due to wireless IIoT vulnerabilities. Is your OT network at risk?


Wireless IIoT vulnerabilities in OT environments

Wireless IIoT allows industrial companies to improve performance and productivity by digitizing processes and transforming business models. Industrial wireless IoT devices can be found throughout OT and critical infrastructure. While these devices have many benefits, they also expose OT networks to new risks and make them susceptible to cyber attacks.

Recent research conducted by OTORIO examined the security of industrial wireless IoT devices, including industrial Wi-Fi access points and industrial cellular gateways and routers.

An Entry Point for Attack

Threat actors can exploit vulnerabilities in Wireless IIoT devices to gain initial access to internal OT networks. They can use these vulnerabilities to bypass security layers and infiltrate target networks, putting critical infrastructure at risk or interrupting manufacturing.

Through unsecured Wi-Fi networks, vulnerable management interfaces, or compromised cloud services, wireless IIoT devices may enable threat actors to gain their first foothold in the internal OT network. Once a device is infected, an attacker can quickly spread to other devices on the network and compromise the entire OT environment, allowing them to disrupt operations and cause significant damage.

OTORIO’s vulnerability research

OTORIO's research focused on the vulnerabilities that may be exploited by an external attacker targeting access points, industrial cloud management platforms, and publicly accessible interfaces. These are highly attractive to attackers, as they do not require any initial access to a nearby network. The research demonstrated how vulnerable devices can be detected globally, revealing how easy it is to physically locate insecure and sensitive access points or publicly accessible web interfaces.

OTORIO detected several critical vulnerabilities that could allow attackers to remotely compromise Wireless IIoT devices with high privileges, without authentication. These vulnerabilities could provide full access to thousands of OT networks directly from the internet.

The low complexity of exploitation, combined with the broad potential impact, makes wireless IIoT devices and their cloud-based management platforms an enticing target for attackers looking to breach industrial environments. The rapid growth of wireless IIoT devices in OT environments has led to a number of reliability, security, and management risks. Wireless IIoT devices can be vulnerable to unauthorized access, cyber attacks, and malware infections and should not be trusted on their own to handle the security demands of critical infrastructure and industrial environments.

A comprehensive IIoT and OT cyber security strategy is necessary to mitigate these risks, including implementing strong security measures, proper device management, and regular security assessments to identify and address network vulnerabilities.

What our Wireless IIoT research findings will show

Next week at the S4x23 ICS Security Event at the Loews Miami Beach Hotel, OTORIO security researcher Roni Gavrilov will present the findings of our novel wireless IIoT research. The presentation will showcase how threat actors can locate vulnerable industrial sites, exploit wireless IIoT devices that are publicly exposed, and target multiple devices by taking advantage of cloud platform vulnerabilities. Roni will also provide recommendations for companies to mitigate these risks.