Feb 05, 2019

SHIoT HAPPENS: Digital Microscope a Target for WannaCry?

Across virtually every industry, IoT and other new connected technologies deliver unique benefits and streamline the ways things get done. This is often a double-edged sword, though, because for every advantage connected devices deliver, there’s usually some additional risk. High-tech lab equipment is one such example.

Microscopes have been around for more than 400 years, and since their invention, their core function has remained relatively unchanged. But new high-tech, digital microscopes include touchscreen displays and use embedded computer systems that extend their functionality and improve usability and accuracy. And some microscopes today have Ethernet and Wi-Fi connectivity that allows them to communicate across a network or with remote devices or PCs. Advancements like these provide businesses with a number of advantages:

  • Faster, easier, more accurate sample analysis
  • Simplified coordination and cooperation between teams or organizations
  • Centralized data storage for real-time collaboration from anywhere

But while the future of research is obviously bright, the risks of making lab equipment “smart” and putting it on a network are quite dark.

Connectivity First, Security Second

First of all, if a microscope, like any connected device, can communicate over a network or over the Internet, then clever attackers can own it. Even if lab equipment is kept on an air-gapped network for high-risk applications, the practicality of this design is eroding in a hyper-connected world that requires Internet access. And manufacturers today increasingly include out-of-band connectivity features, like Bluetooth and BLE, that attackers can use to bypass air gaps altogether.

Secondly, digital microscopes, like those used in clinical testing and lab research environments, frequently run embedded versions of old operating systems. These unsupported operating systems, like Windows CE or Windows XP, have a variety of known vulnerabilities that will never be fixed. Frequently, their user interfaces are designed to meet industry-specific needs, with no direct access that enables someone to work with the underlying operating system. This cripples the ability to patch or update these devices manually and leaves them vulnerable unless and until a device manufacturer pushes a firmware or system update electronically. But if these devices are connected, they are exposed.

Costly—and Possibly Dangerous—Disruptions

The reality is there are a variety of ways seemingly immune equipment like microscopes have been exploited to wreak havoc. Vulnerabilities exploited on connected internet-of-things lab equipment, medical devices, or manufacturing systems can result in costly problems. Critical equipment could:

  • Become compromised to send bad data that affect quality or productivity.
  • Provide a convenient foothold to spread malware to other devices on the network.
  • Be added to an army of botnet machines used for a larger, widespread attack.

In fact, cybercrime that seizes equipment using embedded operating systems is already a very real concern. Just a year ago, Boeing was hit by a WannaCry attack on equipment that uses embedded operating systems. Not long after that, medical devices started getting hit by ransomware attacks. Even device manufacturers started sounding the alarm that equipment using these operating systems was particularly at risk.

Could the humble digital microscope be next? It has been.

Protect and Secure the Enterprise of Things

Everything that has an IP address and connects to a network is at risk. Even for IoT devices with embedded operating systems and no direct way to patch vulnerabilities or protect against attacks, you still need to ensure they are secure. The problem is that traditional network security tools and cybersecurity best practices are not equipped to monitor or protect the IoT world.

IoT devices have become the new normal, but vendors are only now developing a better understanding of security concerns. Hopefully, over time, devices will be designed with better security from the ground up. In the meantime, though, you still need a way to secure and protect all of the devices connected to your network.

Effective protection of connected devices and IoT lab equipment requires comprehensive visibility and the capability to effectively and accurately inventory, assess, and monitor all devices on the network. That includes legacy devices and unmanaged devices that can’t be updated and don’t provide any means of installing an agent or security software directly on the device itself.
