TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

F5 Labs

Breaking Down the Door to Emergency Services through Cellular IoT Gateways

2018-08-09 · Read original ↗

ATT&CK techniques detected

5 predictions
T1654Log Enumeration
79%
“the device within our lab, that is not much of a concern. however, if a nefarious actor were to gain access and download configurations, it could be another storyline altogether. figure 19 shows the available logging options provided by sierra. most of the useful logs are turned …”
T1584.008Network Devices
47%
“discovered in our research. moxa, digi, and cambium also came up, however, they didn ’ t represent a large portion of our scan results and we did not purchase any of their devices for testing in a lab. therefore, they are not included in this research piece, however, we do plan t…”
T1584.005Botnet
37%
“attacks iot devices to maintain long - term, persistent access for future offensive purposes. it is not a stretch of anyone ’ s imagination that russia — or any other adversarial nation - state — could compromise these devices, as well, and use them to their own advantage. but th…”
T1584.008Network Devices
34%
“as use cases on cellular iot manufacturers ’ websites. - mining, fossil fuels, energy ( refueling stations including and hydrogen refueling stations ), maritime, shipping, transportation, utility, hospitality, digital signage, and robotics industries. all of these industries need…”
T1190Exploit Public-Facing Application
30%
“discovered in our research. moxa, digi, and cambium also came up, however, they didn ’ t represent a large portion of our scan results and we did not purchase any of their devices for testing in a lab. therefore, they are not included in this research piece, however, we do plan t…”

Summary

If configured incorrectly, cellular IoT gateways can give attackers access to critical infrastructure, threatening human life in ways only Hollywood has conceived.