The attack hit multiple locations, using the devices as soft access points into wider corporate networks. Just days ago, I reported that security researchers at Armis had disclosed multiple zero-day vulnerabilities in VxWorks, the operating system that powers more than 2 billion IoT devices around the world. But the risk was that those devices would provide access points into corporate networks, rendering network security layers useless. "IoT devices are purposefully designed to connect to a network and many are simply connected to the internet with little management or oversight," Microsoft pointed out in their blog. Once the actor had successfully established access to the network, a simple network scan to look for other insecure devices allowed them to discover and move across the network—dropping a simple shell script to establish persistence on the network which allowed extended access to continue hunting. If devices are plugged into a corporate network and can see the outside world they become vulnerabilities.
Support the originator by clicking the read the rest link below.
