Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Resilience the true benchmark for smart infrastructure
Vast foreign-run cybercrime networks taken down in Africa
Cybercriminals take quishing to new heights with split/nested maliciou...
Frost & Sullivan Honors NEC’s Scalable and Automation-First ...
Why human mistakes remain critical weak points amid the rise of AI-pow...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      Resilience the true benchmark for smart infrastructure

      Resilience the true benchmark for smart infrastructure

      Wednesday, August 27, 2025, 8:21 PM Asia/Singapore | Features, IoT Security
    • Featured

      Deepfake a crisis of trust, not just technology

      Deepfake a crisis of trust, not just technology

      Tuesday, August 19, 2025, 10:06 AM Asia/Singapore | Features
    • Featured

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      Thursday, August 14, 2025, 12:26 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

LOGIN REGISTER
  • Features
    • Featured

      Resilience the true benchmark for smart infrastructure

      Resilience the true benchmark for smart infrastructure

      Wednesday, August 27, 2025, 8:21 PM Asia/Singapore | Features, IoT Security
    • Featured

      Deepfake a crisis of trust, not just technology

      Deepfake a crisis of trust, not just technology

      Tuesday, August 19, 2025, 10:06 AM Asia/Singapore | Features
    • Featured

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      When talking sense into AI power mongers fails, talk $$$: A message from AI

      Thursday, August 14, 2025, 12:26 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning
News

How vulnerable are the routers used in some ASEAN operational/IoT environments?

By CybersecAsia editors | Monday, August 19, 2024, 4:53 PM Asia/Singapore

How vulnerable are the routers used in some ASEAN operational/IoT environments?

One firmware analysis of popular OT/IoT routers in parts of ASEAN suggests some trends in risk exposure levels embedded in firmware

Based on Dec 2023 analyses of firmware images from 39 manufacturers of OT/IoT network equipment available on the internet*, a cybersecurity firm has announced its findings about routers used in operational technology (OT) and IoT systems.

First, the analyzed images contained outdated software components that were linked to existing (“n-day”) vulnerabilities. The “popular” OT/IoT router firmware images analyzed had an average of 20 exploitable n-day vulnerabilities affecting the kernel, with widening security gaps. 

Second, based on extrapolations of the market reach of the manufacturers of the analyzed firmware images, the firm asserts there are 22m exposed devices in the ASEAN region, with those in Singapore being the most exposed OT/internet connection sharing devices (and the highest percentage of exposed IT devices), followed by those in Vietnam, Thailand, Malaysia and Indonesia. The disclaimer is that countries with the most exposed devices in the analysis were not necessarily the most compromised.

Third, in terms of compromised/malicious IP addresses, the rankings for the four relevant ASEAN router manufacturers in the analysis were, in descending order, Vietnam (31.89%), Thailand (20.86%), Indonesia (18.28%) and Singapore (11.79%).

Fourth, a key finding was that there has been a decline in routers being released with default login credentials (such as ID: admin, PW: admin). However, there were numerous issues of custom patching by vendors that “do not change component versions and create confusion about what is actually vulnerable.”

According to Barry Mainz, CEO, Forescout, the firm that publicized the commissioned analysis: “To effectively mitigate risks in an environment increasingly dominated by OT and Internet of Things, we need a comprehensive asset inventory that identifies crucial details through both passive and active methods. Integrating this data with Software Bills of Materials helps us deliver targeted risk information and enforce security measures essential for protecting our digital infrastructure.”

*a total of 290 firmware images narrowed down to include only devices that function as cellular routers, have firmware images that can be automatically analyzed, and are relatively popular (based on results from the Shodan search engine). From this refined list, five firmware images were shortlisted.

Share:

PreviousHave your organization’s Windows systems been patched yet?
NextMaking sense of the EU AI Act of August 2024

Related Posts

Prepare for a war of the machines in email security

Prepare for a war of the machines in email security

Wednesday, October 21, 2020

How personal work habits at home threaten corporate network security

How personal work habits at home threaten corporate network security

Friday, June 5, 2020

Zero-click vulnerability in the Apple ecosystem still a lingering concern

Zero-click vulnerability in the Apple ecosystem still a lingering concern

Tuesday, June 17, 2025

11 videoconferencing and remote-working best practices

11 videoconferencing and remote-working best practices

Wednesday, April 8, 2020

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • CISOs can navigate emerging risks from autonomous AI with a new security framework

    CISOs can navigate emerging risks from autonomous AI with a new security framework

    See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
  • MoneyMe strengthens fraud prevention and credit decisioning

    MoneyMe strengthens fraud prevention and credit decisioning

    Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
  • PT Kereta Api Indonesia announces nationwide email and communication overhaul

    PT Kereta Api Indonesia announces nationwide email and communication overhaul

    The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more
  • Operationalizing sustainability in cybersecurity: Group-IB’s approach

    Operationalizing sustainability in cybersecurity: Group-IB’s approach

    See how the firm turned malware-group takedowns into measurements of sustainability and resilience gains: by …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.