FULTON, Md. (PRWEB) February 13, 2020
ReFirm Labs, a provider of the industry’s first proactive IoT and firmware security solutions, today announced a new capability of its Centrifuge Platform® that detects the presence of backdoors in the firmware of some digital and network video recorders (DVRs/NVRs) that use surveillance chips from HiSilicon, a subsidiary of Huawei. The firmware in question is used in devices from dozens of original equipment manufacturers.
“The HiSilicon vulnerability illustrates that connected devices continue to be brought to market with critical vulnerabilities that are the result of poor security practices and unclear sourcing of software components in the cyber supply chain,” said Derick Naef, CEO of ReFirm Labs.
“This is the newest example of 3rd-party binaries being introduced into network-connected devices without proper security vetting or validation,” said Naef. “Whether these kinds of vulnerabilities are malicious or the result of human error, companies need to have better visibility into the security of their supply chain components. This kind of vulnerability demonstrates why there’s an important need to analyze the firmware of IoT devices before deploying them into networks.”
Firmware is the embedded operating software in the hardware of an IoT device. It is a commonly unprotected attack surface that attackers use to get a foothold in a network -- an unsecured IoT device is essentially an unlocked front door, which means that once attackers take over an IoT device, they can move laterally into a corporate network. Attackers actively exploit weaknesses in IoT security not to attack the devices themselves, but as a jumping-off point for all kinds of malicious behavior, which could include DDoS attacks, malware distribution, spamming/phishing/account takeovers, click fraud, and credit card theft.
The HiSilicon backdoor allows an attacker to activate the built-in Telnet service and then use hardcoded passwords to gain control of a device. Such backdoors could then be exploited by bad actors for corporate espionage or government surveillance. According to security researcher Vladislav Yarmak, this particular backdoor has been deployed in at least three different versions of software development kits (SDKs) for the surveillance chips since 2013. Some security researchers have noted that the affected software SDKs likely came from Xiongmai, a Chinese electronics manufacturer with a well-known reputation for delivering insecure IoT devices.
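The two ingredients named above, a Telnet service that the firmware can bring up and a baked-in password, are exactly what a static firmware audit looks for before a device is deployed. The script below is an added illustration of that kind of check and is not ReFirm Labs' or Centrifuge's code. It assumes the firmware image has already been unpacked into a directory tree (for example with binwalk); the startup-script paths it inspects, the sample `rcS`/`passwd` contents and the password hash in them are constructed for the example and are not taken from any real device.

```python
"""Audit an extracted firmware root filesystem for a startable Telnet
service and for hard-coded credentials in /etc/passwd or /etc/shadow.

Added example (not ReFirm Labs' code). Assumes the firmware has already
been unpacked into a directory tree; all sample contents are constructed.
"""
import re
import tempfile
from pathlib import Path

# Startup scripts that commonly launch services on BusyBox-based devices
# (assumed layout; real firmware may use other init mechanisms).
INIT_SCRIPTS = ("etc/init.d/rcS", "etc/inittab", "etc/rc.local")
TELNET_RE = re.compile(r"\btelnetd\b")
# A passwd/shadow line whose password field holds a hash: either a
# crypt(3)-style "$id$..." hash or a 13-character traditional DES hash.
# Empty, "x" (shadowed) and "*" / "!" (locked) fields are not flagged.
CRED_RE = re.compile(r"^([^:]+):(\$[0-9a-z]+\$[^:]*|[A-Za-z0-9./]{13}):")


def audit_firmware_root(root):
    """Return a list of (check, relative_path, detail) findings for the tree at root."""
    root = Path(root)
    findings = []
    for rel in INIT_SCRIPTS:
        p = root / rel
        if p.is_file() and TELNET_RE.search(p.read_text(errors="replace")):
            findings.append(("telnet_service", rel,
                             "telnetd is referenced in a startup script"))
    for rel in ("etc/passwd", "etc/shadow"):
        p = root / rel
        if not p.is_file():
            continue
        for line in p.read_text(errors="replace").splitlines():
            m = CRED_RE.match(line)
            if m:
                findings.append(("hardcoded_credential", rel,
                                 f"account '{m.group(1)}' ships with a baked-in password hash"))
    return findings


def build_sample_root(vulnerable):
    """Create a throwaway tree that mimics an unpacked root filesystem (constructed data)."""
    root = Path(tempfile.mkdtemp())
    (root / "etc" / "init.d").mkdir(parents=True)
    if vulnerable:
        # Telnet daemon started at boot with a root shell, plus a hashed root
        # password in passwd. The hash is a constructed placeholder.
        (root / "etc/init.d/rcS").write_text("#!/bin/sh\nmount -a\ntelnetd -l /bin/sh &\n")
        (root / "etc/passwd").write_text("root:abJnggxhB/yWI:0:0:root:/:/bin/sh\n")
    else:
        # Hardened variant: SSH only, shadowed passwd, locked root in shadow.
        (root / "etc/init.d/rcS").write_text("#!/bin/sh\nmount -a\n/usr/sbin/dropbear\n")
        (root / "etc/passwd").write_text("root:x:0:0:root:/:/bin/sh\n")
        (root / "etc/shadow").write_text("root:*:0:0:99999:7:::\n")
    return root


if __name__ == "__main__":
    for label, vuln in (("vulnerable", True), ("hardened", False)):
        print(f"[{label}]")
        for check, path, detail in audit_firmware_root(build_sample_root(vuln)):
            print(f"  {check}: {path}: {detail}")
```

Run against a real unpacked image, `audit_firmware_root("/path/to/unpacked/rootfs")` returns the findings list; an empty list only means these two specific indicators are absent, not that the firmware is clean, so a fuller audit would also cover other service launchers, alternative credential stores and binaries that embed their own password tables.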
ReFirm Labs’ Centrifuge Platform® is the first solution that proactively manages the security of firmware -- a specific class of software that provides the low-level control for the hardware of an IoT device. Centrifuge Platform® can identify and report abnormalities and vulnerabilities in firmware in less than 30 minutes. It allows companies to quickly analyze their firmware for hidden dangers and respond immediately to potential weak spots. Highly scalable, automated and cloud-based, Centrifuge Platform® is a simple and reliable way of monitoring security across an entire system of deployed IoT devices without the need for agents or access to the network itself.
For more information about Centrifuge Platform®, go to https://www.refirmlabs.com/centrifuge-platform.
About ReFirm Labs
ReFirm Labs provides the industry’s first IoT and firmware security solutions that proactively vet, validate and continuously monitor IoT devices for hidden threats. Its flagship product, Centrifuge Platform®, detects and reports potential zero-day vulnerabilities, hidden crypto keys, backdoor passwords and known vulnerabilities in IoT devices without needing access to source code. ReFirm Labs’ technology has been proven to provide the insight and intelligence needed for users to proactively defend connected devices and maintain compliance and the integrity of supply chain security. Founded by a team of former NSA offensive cyber operators, ReFirm Labs is trusted by government agencies and Fortune 500 companies that operate in a wide variety of industries, including telecommunications, cloud infrastructure and data centers, automotive, health care, utilities, and manufacturing. For more information, visit http://www.refirmlabs.com or follow on Twitter @ReFirmLabs.