Millions of Internet-Connected Devices Need to be Patched After Vulnerability Issue, Singaporean CSA Alarms

Your devices connected to the internet might be one of the potential victims of the most recent vulnerability attacks, as spotted by Singapore's cybersecurity team.

Over hundreds of millions of devices require immediate security patching so the harm will no longer spread to the rest of the vulnerable equipment in the home, offices, and other establishments.

Singapore CSA Alerts Citizens of the Attack to the Internet-Connected Devices

Millions of Internet-Connected Devices Need to be Patched After Vulnerability Issue, Singaporean CSA Alarms
Pixabay from Pexels

In a report by The Strait Times, the cybersecurity firm of Singapore has alarmed everyone upon learning a huge cyberattack that has already infected more than 100 million devices.

If your devices are connected to the internet, there is a chance that it could be one of those highly vulnerable devices affected by the global attack.

In line with this, the Cyber Security Agency of SingCert (Singapore Computer Emergency Response Team) stated that immediate patching should be done by the administrators to the inflicted stacks.

The sectors that are most likely affected by this attack are those from the government and healthcare. Besides that, industries such as financial services, manufacturing, entertainment, and retail are also affected.

If you are familiar with the DNS(Domain Name System), it resembles a phone book that contains domain names where you can find IP addresses and URLs.The bugs have entered the system and as a result, they also recognize the devices connected to the internet.

According to the technical report of Forescout Research Labs, a known cyber-security giant, Name: Wreck is the name of the set of vulnerabilities found in the DNS. It has full control of the four TCP/IP stacks which serve as a channel of communication between networks in the form of the internet.

Forescout has estimated that at least 100 million devices are vulnerable worldwide, but not all devices empowering the stacks are deemed to be at risk.

Possible Devices that Could Be Infected by DNS-Related Vulnerabilities?

The countries that are mostly hit by the attack are the United States, Japan, Canada, and some European countries since they are said to have the biggest portion of equipment linked to the internet.

Here are the potential devices and equipment which could suffer from the cyberattack:

  • Wearable products, industrial equipment, smart locks, patient monitors, printers.

  • Network appliances and servers.

  • Smartphones, avionics systems, storage systems, defibrillators, ultrasound machines.

  • Self-driving cars, combat aircraft (unmanned), commercial aircraft, space rovers

  • Medical equipment (those that utilize magnetic resonance imaging) and manufacturing robots

"Unless urgent action is taken to adequately protect networks and the devices connected to them, it could be just a matter of time until these vulnerabilities are exploited, potentially resulting in major government data hacks, manufacturer disruption or hotel guest safety and security," Forescout said in the report.

Meanwhile, Singapore CSA spoke that an unknown attacker could take advantage of Name: Wreck and use it to disable website-connected ultrasound machines for them to acquire firmware updates.

Moreover, the bug could likely land on the said machines so they could download the firmware which is malware in disguise. After that, the malware will instruct the machines to hand the medical records to the attacker.

SingCert required the administrators to conduct proper network hygiene measures like vulnerable device isolation and external communication path restriction if patching is unavailable.

By visiting Forescout's project memoria site and research goodies, organizations could know if they are affected by the vulnerability attack.

This article is owned by Tech Times

Written by Joen Coronel

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics