Urgent/11 is the Enemy from Within

Apr 3, 2019 1:26:20 PM / by Maryann Pagano

The enemy from within is a leading plot twist for thrillers, making the audience gasp when they realize someone or something they trusted deeply has betrayed them.

Urgent/11, named by researchers at Armis for the 11 vulnerabilities found in Wind River VxWorks, is that enemy, broadcasting malicious packets throughout the network and breaching all vulnerable devices at once.

Multiply that by the number of enterprise, industrial and medical devices running this real-time operating system and you have a hacker’s paradise. To add to the malevolence of this attack, even devices that are connecting out to the internet can be taken over with no user interaction required. This includes SCADA systems, elevators, industrial controllers, patient monitors, MRI machines, firewalls, routers, satellite modems, VoIP phones and printers.

That’s a lot of compromised systems.

Using a specially crafted TCP packet, malicious agents can take control of a network’s firewalls and gather them into a botnet, thereby compromising the entire network. You can see for yourself by checking out Armis’ demo videos.

Though Armis estimates more than 200 million devices have been affected, Wind River counters that they “think millions is the best/most accurate way to characterize the number of affected devices.” Either way, there’s an awful lot at stake.

Wind River is addressing the issue with patches and mitigation options. It’s a fix to the immediate problem, but what about the next attack — since we all know there will be another. Maybe not Wind River, but all tech is just waiting to be ransacked.

Armis advises that one way you can protect yourself from attacks like this is to monitor your devices’ behaviors to see if they have been compromised. That’s a pretty big job, but with the right partners to help, you can protect yourself and your organization.

Partnering with leading security vendors, BlackHawk Data’s experts support a variety of technologies so we can provide you with data insights, intrusion detection, compliance monitoring and vulnerability scanning. We take a holistic approach to security, securing from the endpoint to the edge with a focus on data visibility.

The more people you have monitoring your network, the less likely you’ll be a victim to vulnerability.

Contact us and see what BlackHawk Data can do for you.

 

Get in touch with us today.

Let us help you reach your goals

Contact Us

BlackHawk Data Headquarters

  • 505 8th Avenue
  • Suite 12A-03
  • New York, NY 10018

BlackHawk Data NJ Office

  • 50 Williams Parkway
  • Suite G
  • East Hanover, NJ 07936
© 2024 by BlackHawkData, LLC