IOT Devices operating worldwide are vulnerable to Name Wreck Bug

232

A new discovery has been made by security experts that could pose as a danger to over 100 million IOT devices operating worldwide. Dubbed as Name: Wreck, the bug allows hackers to exploit devices through a set of DNS Vulnerabilities.

Israel-based Cybersecurity Consultation offering firm Forescout was the first to discover this vulnerability and estimated that over 36k devices in UK alone could have impacted by the bug.

Forescout team of security experts say that the bug can either remotely execute the code or launch denial of service attack targeting many of the servers operating in government, enterprise and healthcare agencies including those belonging to manufacturing sector.

Some of the hypothetical scenarios that could be raised by hackers include extorting payments from victimized firms by disrupting critical infrastructure in manufacturing companies, hospitals and hotels along with retail facilities.

Data theft from government agencies can not be ruled out and the hackers can exploit the IoT network framework to install espionage related tools.

Forescout is recommending to companies to rely more on internal DNS servers by segmenting the network that could limit the exposure to cyber attacks. Also, upgrading all legacy applications that run IoT devices for mission critical needs can also help cut down risks.

Unless companies show interest in securing their network and devices, the vulnerability exploits can lead to significant and widespread disruptions said Daniel Dos Santos, the Manager at the Forescout Research Labs.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security