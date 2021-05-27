Cancel
CreatorsPublishersAdvertisers
View more in
Technology

Smart Manufacturers Face A Security Conundrum As They Tackle Emerging 5G Threats

By PR Newswire
Posted by 
TheStreet
TheStreet
 5 days ago

DALLAS, May 27, 2021 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, released in-depth research highlighting new threats to 4G/5G campus networks, many of which capitalize on the difficulty organizations have in patching critical OT environments.

The report details multiple attack scenarios and possible mitigations, using a testing environment designed to mimic a smart factory campus network.

To read a fully copy of the report, Attacks From 4G/5G Core Networks: Risks of the Industrial IoT in Compromised Campus Network, please visit: https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/the-transition-to-5g-security-implications-of-campus-networks.

"Manufacturers are at the cutting edge of IIoT deployment, gearing up with 5G to tap the power of connectivity everywhere to drive greater speed, safety and efficiency. But with new technology comes new threats added to legacy challenges," said Yohei Ishihara, security evangelist for Trend Micro. "As the report warns, many are stuck in a bind—unable to afford the downtime necessary to patch critical system vulnerabilities that may otherwise be exploited. Fortunately, our extensive research also highlights multiple mitigations and best practices to protect the smart factories of today and tomorrow."

The report identifies several key entry points for attackers to compromise a core 4G/5G network:

  • Servers hosting core network services:targeting of vulnerabilities and weak passwords in these standard COTS x86 servers.
  • VMs or containers:these can also be exposed if the latest patches aren't applied promptly.
  • Network infrastructure: appliances are often overlooked during patching cycles.
  • Base stations: also contain firmware which needs to be updated from time-to-time.

Once the attacker gets in the core network from any of these entry points, they will attempt lateral movement in a bid to intercept and change network packets. By attacking industrial control systems in smart manufacturing environments like the test site, attackers could steal sensitive data, sabotage production, or hold organizations to ransom.

From the 11 attack scenarios demonstrated, one of the most potentially damaging involves targeting Microsoft Remote Desktop Protocol (RDP) servers, which are commonly used by IT and field engineers. The upgrade to 5G doesn't automatically protect RDP traffic, so attackers could use this access to download malware and ransomware, or directly hijack industrial control systems. RDP v 10.0 is the most secure version and may offer some protections against these attacks, but again it may be difficult for organizations to upgrade.

Among the recommendations made in the report to protect 4G/5G campus networks are:

  • VPN or IPSec to protect remote communication channels, including to remote sites and base stations
  • Application-layer encryption (HTTPS, MQTTS, LDAPS, encrypted VNC, RDP v10, and secure industrial protocols like S7COMM-Plus)
  • EDR, XDR or MDR to monitor attacks and lateral movement inside the campus and the containerized core network
  • Proper network segregation with VLAN or SDN
  • Prompt patching, where possible, of servers, routers and base stations
  • Anomaly detection products, like Trend Micro Mobile Network Security, which are campus network-aware and provide a robust way to cut off unlisted device/SIM card pairs

Building a mobile network in an enterprise environment involves both the end users as well as various stakeholders, including service providers and integrators. In addition, private 4G / 5G networks are large-scale infrastructure and have a long life, so once built, they are difficult to replace or modify. Therefore, it is essential to implement "security by default" to identify and mitigate security risks at the design stage.

About Trend MicroTrend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world. www.TrendMicro.com.

View original content: http://www.prnewswire.com/news-releases/smart-manufacturers-face-a-security-conundrum-as-they-tackle-emerging-5g-threats-301300614.html

SOURCE Trend Micro Incorporated

TheStreet

TheStreet

New York City, NY
274
Followers
19K+
Post
51K+
Views
ABOUT

Follow the stock market today on TheStreet. Get business news that moves markets, award-winning stock analysis, market data and stock trading ideas.

 https://www.thestreet.com/
IN THIS ARTICLE
#Information Security#Infrastructure Security#5g#Iot Security#Iot Data#Technology Innovation#Global Security#Trend Micro Incorporated#Tse#Application#Mqtts#Ldaps#Vnc#Rdp V10#Xdr#Mdr#Proper#Vlan#Sdn Prompt#Trend Micro
YOU MAY ALSO LIKE
News Break
Microsoft
News Break
Data Security
News Break
Technology
News Break
Economy
News Break
Google
Related
Technologypowermag.com

A Systematic Approach to Checking Cybersecurity for Critical Infrastructure

When securing network assets, a long and often complex list of configurations must be performed to ensure industrial control systems have the appropriate cyber protection. This article presents a systematic and automatic approach to those security configurations, with an aim of decreasing the probability of implementing incorrect or incomplete configurations that can occur when performed manually.
Softwareatlantanews.net

Intelligent Platform Management Interface (IPMI) Market to See Huge Growth by 2026 | Intel, Super Micro Computer, Dell

Latest survey on Global Intelligent Platform Management Interface (IPMI) Market is conducted to provide hidden gems performance analysis to better demonstrate competitive environment of Intelligent Platform Management Interface (IPMI). The study is a mix of quantitative market stats and qualitative analytical information to uncover market size revenue breakdown by key business segments and end use applications. The report bridges the historical data from 2015 to 2020 and forecasted till 2026*, the outbreak of latest scenario in Global Intelligent Platform Management Interface (IPMI) market have made companies uncertain about their future outlook as the disturbance in supply chain and production line have made serious economic slump. Some are the key & emerging players that are Hewlett Packard Enterprise (Hpe) Company, Intel Corporation, Nec Corporation, Super Micro Computer, Inc., Dell Inc., Arm Holdings Plc, Cisco Systems, Inc., Emerson Electric Company, Microsoft Corporation & Softlayer Technologies, Inc..
Technologyaithority.com

What is InfoSec: Definition, Trends and Technology

Enterprise security has evolved around two new developments – Information Security and Cybersecurity. We will discuss Information Security and the latest trends in the industry in this article. Information Security typically referred to as InfoSec, could be a set of practices meant to secure information from unauthorized access or alterations,...
Softwareatlantanews.net

Integration Security Services Market to Observe Strong Development by Symantec ,IBM ,Cisco Systems

Latest released the research study on Global Integration Security Services Market, offers a detailed overview of the factors influencing the global business scope. Integration Security Services Market research report shows the latest market insights, current situation analysis with upcoming trends and breakdown of the products and services. The report provides key statistics on the market status, size, share, growth factors of the Integration Security Services. The study covers emerging player's data, including: competitive landscape, sales, revenue and global market share of top manufacturers are: Symantec Corporation (United States),IBM Corporation (United States),Cisco Systems, Inc. (United States),Trend Micro, Inc. (Japam),Sophos Group plc (United Kingdom),Optiv Security (United States),Microsoft Corporation (United States),CGI Group Inc (Canada),DynTek Inc.(United States)
Marketsbostonnews.net

Global Artificial Intelligence in Computer Networks Market by Solution Type, Deployment Model : Global Opportunity Analysis and Industry Forecast, 2020-2027

Global Artificial Intelligence in Computer Network Market was valued at USD 3.32 billion in 2018 which is expected to reach USD 26.38 billion by 2027, at a CAGR 46.54%. Artificial intelligence technology is used to solve complex problems and taking actions without human intervention. Computer networking is the process of using different data to indentify patterns and trends. Artificial intelligence is used to make better decision in computer networking industry. Technological advancements and innovations in artificial intelligence will grow the various industries inkling computer networking, over the forecast period.
TechnologyPosted by
TheStreet

ZINFI Receives SOC 2 Type 2 Data Security Attestation

PLEASANTON, Calif., June 1, 2021 /PRNewswire/ -- ZINFI Technologies, Inc., a company leading the definition and creation of Unified Channel Management (UCM) solutions, today announced it has successfully completed a System and Organization Controls (SOC) 2 Type 2 audit. Developed by the American Institute of Certified Public Accountants (AICPA), the SOC 2 information security standard is an audit report examining controls relevant to five trust services criteria: security, availability, processing integrity, confidentiality and privacy. A SOC 2 report describes a service organization's systems and whether the design of specified controls meets the relevant trust principles, and assesses the effectiveness of those controls over a specified period of time. Like its SOC 2 Type 1 report issued in June 2020, ZINFI's SOC 2 Type 2 report did not have any exceptions and was therefor issued with a "clean audit opinion."
Technologybizjournals

The hidden dangers of your cloud data

Most businesses today house their data in some type of public or private cloud, whether it is inside Microsoft 365 or another SaaS application, it is a common business practice. As organizations increasingly move data into cloud-based applications, many believe that traditional best practices, such as data backup and managed cybersecurity, are outdated. After all, SaaS applications are always available, accessible from anywhere, and highly redundant, so why is backup necessary?
Softwarebostonnews.net

IoT Softwares Market Shaping from Growth to Value | Cisco, McAfee, IBM, HP

Latest released the research study on Global IoT Softwares Market, offers a detailed overview of the factors influencing the global business scope. IoT Softwares Market research report shows the latest market insights with upcoming trends and breakdown of the products and services. The report provides key statistics on the market status, size, share, growth factors of the IoT Softwares. The study covers emerging player's data, including: competitive situation, sales, revenue and global market share of top manufacturers are Cisco (United States), Centri Technology (United States), Dell EMC (United States), McAfee (United States), Symantec (United States), Microsoft Corporation (United States), IBM Corporation (United States), HP (United States), Salesforce (United States). Free Sample Report + All Related Graphs & Charts @ : https://www.advancemarketanalytics.com/sample-report/117423-global-iot-softwares-market.
Softwaretechxplore.com

Automated detection of security vulnerabilities in cloud applications

Cloud computing is a growing market. But cyberattacks on cloud software systems are on the rise, too, as these applications often contain security vulnerabilities that hackers are able to exploit. CodeShield software—which is produced by the company of the same name—uncovers these vulnerabilities and fixes them using automated methods. CodeShield is a spin-off of the Fraunhofer Institute for Mechatronic Systems Design IEM and the Heinz Nixdorf Institute at Paderborn University.
Technologycisco.com

Cisco @ Equinix = Cloud Architecture at the Edge

There’s an adage that states if you’re not living on the edge, you’re taking up too much space. The same can be said for your network and datacenter infrastructure. Agile infrastructures that enable secure connectivity, flexibility, scalability and reliability, while delivering high-performance are imperative for dynamic business critical operations. According...
Technologyithinkbigger.com

Securing Your Business Under Increasing Cyber Threats

The most important thing we offer our clients is trust. They trust us with their mission-critical IT and communications services. And if we don’t do our jobs well, the ramifications can be significant for them. That is why I work every day to ensure our team focuses on delivering the...
Computerssecurityintelligence.com

Zero Trust or Bust: What It Is and Why It Matters to Data Security

How many different ways can data be compromised? First, both external and internal threats can target it. External threats can come in the form of malware or ransomware. Meanwhile, internal threats can come from malicious insiders working from behind trusted accounts. Insiders can become a threat simply by clicking a phishing link or being tricked by a social engineering attack. Missing a database update or minor misconfiguration could be just the hole an attacker needs to infiltrate a business. Zero trust is a framework that should address all of these potential attack vectors.
Computershelpnetsecurity.com

Endpoint complexities leaving sensitive data at risk

Absolute Software announced key findings from its report which shines a light on key trends affecting enterprise data and device security, and underscores the dangers of compromised security controls in expanding an already wide attack surface for today’s enterprises. Researchers estimate that the number of ransomware attacks grew by more...
Marketsaithority.com

AWS Public Sector Selects Buurst as a Strategic Provider for Smart Data Migration Workloads

Buurst, a leading enterprise-class data performance company, announced that Amazon Web Services (AWS) Public Sector has selected the company as a strategic provider for smart data migration. Buurst’s new Fuusion™ technology enables organizations to accelerate the migration of application workloads to AWS and AWS cloud-native services for data orchestration. “We...
TechnologyPosted by
TheStreet

Partner Platform Announces Integration With EPayPolicy

COLUMBUS, Ohio, June 1, 2021 /PRNewswire/ -- Now independent insurance agents using Strategic Insurance Software's Partner Platform agency management system, can easily take digital payments making it convenient, simple and secure for their insureds to pay premiums directly from the agency website, client portal, or agency mobile app. Partner Platform...