NEWS
NEWS
NEWS
GarrettCom Switches Open to Attack, Warns ICS-CERT
A researcher has discovered that some of the GarrettCom’s switches are open to hacker attack, as there is a hard-coded password in a default account on the devices that may allow for quick control by malicious parties.
Unfortunately, these switches are deployed in a number of critical infrastructure industries, leaving them in jeopardy.
The loophole was discovered by a researcher who warned ICS-CERT about it. As soon as DHS got to know about this, they released an updated version of the application that addresses the vulnerability. Besides, a comforting actor in the GarrettCom release is that an attacker would need to have access to an existing account on an affected switch in order to exploit the vulnerability to escalate his privileges.
“The Magnum MNS-6K Management Software uses an undocumented hard-coded password that could allow an attacker with access to an established device account to escalate privileges to the administrative or full-access level. While an attacker must use an established account on the device under attack, this vulnerability facilitates the circumvention of physical-connect safeguards and could allow complete administrative level access to the system, compromising system confidentiality, integrity, and availability. Successful exploitation of this vulnerability from an established account on the system could allow escalation of privileges to full administrative access. The privilege escalation could provide the attacker a vector for making changes to settings, or initiating a complete device shutdown causing a denial of service (DoS),” the ICS-CERT advisory says.
Prior to this, ICS-CERT released a report that informs a whopping increase in the number of infrastructure cyber attacks “cyber incidents” in the past few years. According to the report, among all incidents in 2011, around 41 percent were related to the Water Sector, and this was due to use of a large number of internet-facing control system devices. Rest is specific to government facilities, energy sector, nuclear, chemical, transportation, national monuments, IT, critical manufacturing, and communication segments.
Tools like Splunk come into play when there is a need for identification of real threats. Splunk uses Big Data systems to provide capability for deep real-time analysis, and delivers powerful languages that put the ability to query ongoing changing and data in the hands of technicians who may need those alerts to be prepared for both the expected and unexpected.
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
