A manipulated Raspberry Pi was discovered in a Peripheral Device, in the natural gas industry. It was found that a Microsoft mouse had a Raspberry Pi module hidden inside and had gone undetected within environment for months…
The module programmed the Raspberry Pi to execute a PowerShell script, constructing and activating a concealed communication channel through the wireless interface. This allowed it to bypass the air-gapped environment and exfiltrate highly sensitive data.
How Sepio detect Raspberry Pi on Peripheral Devices
Sepio detected the Raspberry Pi attack tool by collecting Physical Layer (L1) information on the endpoint which determined the presence of the manipulated peripheral device. The Physical Layer Visibility provided information on which endpoint machine the device was connected. Which accelerated the investigation.
Enterprises face the challenge of accurately gaining visibility into hardware assets, particularly in today’s complex IT/OT/IoT landscape. To tackle this issue, one must achieve comprehensive visibility into their hardware assets, irrespective of their characteristics and the connection interface used by potential attackers.
Sepio’s Asset Risk Management (ARM) platform is the leader in Visibility, Control and Mitigation of hardware assets. Is disrupting the cybersecurity industry by uncovering hidden hardware attacks operating over network and USB interfaces.
Sepio’s solution, identifies, detects and handles all network devices including peripherals. No device goes unmanaged.
Sepio Benefits
Complete visibility of all hardware assets
With all devices and anomalies detected, enterprises benefit from a greater overall cybersecurity posture. Gaining full visibility of all hardware devices, from Raspberry Pi on peripheral devices to endpoint peripherals and connected devices (IT/OT/IoT), Sepio uses unique physical layer hardware fingerprinting technology and data augmentation from endpoints and networks.
Full control through predefined policies
Enterprise-wide policies enable compliance, regulation and best practices. With predefined templates and no baselining or whitelisting, and no requirement for a clean environment start, Sepio provides a fast and easy setup.
Rogue device mitigation (RDM)
Threat mitigation, upon discovery of rogue or threatening devices, including the identification of Raspberry Pi on Peripheral Devices. Integrations with existing security platforms such as NACs and SOARs for mitigation and remediation enhancements.
See every known and shadow asset. Prioritize and mitigate risks.
Talk to an expert. It will help you understand how to use Sepio’s patented technology to gain control of your asset risks.
