Press Releases

R&S Unified Firewalls said to protect IoT devices from Ripple20

June 29, 2020

Posted by: Anasia D'mello

A set of critical security vulnerabilities collectively known as Ripple20 is impacting the Internet of Things (IoT). A vulnerable TCP/IP implementation is endangering millions of smart devices in private households, industrial plants and hospitals — and thus even human lives.

Now, LANCOM reports that its R&S Firewalls product offers protection against these critical attacks.

Ripple20 targets the TCP/IP stack in hundreds of millions of IoT devices in all industries and sectors and makes them vulnerable to remote attacks. This includes networked power sockets, industrial control sensors, medical systems, and devices operating in critical infrastructures. The consequences can be dramatic: Incorrect sensor data can cause damage to industrial plant costing millions, and the general power supply could be massively disrupted. The hacking of infusion pumps or x-ray equipment in hospitals could endanger human lives. In office buildings or smart homes, doors can be opened or alarm systems deactivated without authorisation.

Ripple20 was discovered by the security researchers at JSOF, who confirm the serious nature of the vulnerabilities: “An attacker can gain complete control over the targeted device remotely, with no user interaction required.” Just how critical these vulnerabilities are is also shown by the evaluation of the US-CERT with the highest score of 10 (out of 10) on the CVSSv3 scale.

TCP/IP stack as a target for years to come – UTM firewalls offer protection

Even though these security loopholes are not an issue for the current version of the TCP/IP stack, the problem remains because the majority of IoT devices and smart home devices simply cannot be updated. The vulnerable stack is likely to live on for years to come.

This is where LANCOM R&S Firewalls provide the necessary protection. They detect and block the Ripple20 attack packets. The requirements are full UTM support, which is available in all models from the UF-200 upwards, and the activation of IPS/IDS. Signatures are updated daily to detect and block the malicious Ripple20 data packets.

When operated facing the internet, a LANCOM R&S Firewall is said to shield the entire internal network behind it from dangerous attacks, including any IoT equipment and smart devices.

Comment on this article below or via Twitter @IoTGN