Ripple20 Vulnerabilities
For anyone who follows security and the IoT, the recently identified “Ripple20” vulnerabilities revealed by the Israeli firm JSOF will not be a surprise. However, as the number of connected devices continues to grow exponentially, what these recent flaws dramatically showcase is the extent to which we are becoming reliant on IoT devices in both our personal and business lives. And it is the same Internet that will continue to bring hackers to our devices’ front doors.
We all know that these types of attacks will continue to appear and evolve, but there is an element of hope that comes with Ripple20. Unlike Spectre and Meltdown, which exploited vulnerabilities baked into hardware making them hard to address, Ripple20 resides in low-level software libraries – and software can be modified and updated. In addition to the recommended interim steps to protect systems, like removing internet accessibility (an effective but likely impractical solution) and isolating key systems, in-field software updates could play a critical role in addressing Ripple20. This attack mitigation assumes the vendor contemplated in-field access to their devices and has a mechanism to deliver and perform these updates.
Not all devices support software updates, but users should consider this capability when looking to deploy long-life devices in the IoT. At Veridify, we have been developing DOME™ – our device ownership management and enrollment solution. DOME provides a unique platform to manage ownership of a processor from birth to retirement – and a key feature is delivering trusted packages of software to processors at the edge of the IoT, which can be used to update a device.