Industrial Plants Can Be Disrupted With a Remote
The wireless control systems used at many major infrastructure facilities have vulnerabilities which could allow a hacker with a radio frequency (RF) transceiver to close down a plant from up to 40 miles away; two security researchers told the Black Hat convention in Las Vegas.
Lucas Apa and Carlos Mario Penagos Hollman of IOActive said in a presentation that they had found vulnerabilities in every wireless device developed over the past few years by three leading industrial wireless automation solution providers.
The devices were widely used by many companies in the energy, oil, water, nuclear, natural gas, and refined fuels sectors.
“An untrusted user or group within a 40-mile range could read from and inject data into these devices using radio frequency transceivers,” the researchers said.
“A remotely and wirelessly exploitable memory corruption bug could disable all the sensor nodes and forever shut down an entire facility.”
They said that when sensors and transmitters were attacked, remote sensor measurements on which critical decisions are made could be modified. “This can lead to unexpected, harmful, and dangerous consequences.”
The researchers focused on the cryptographic keys used in sensor networks.
They said that the three vendors whose products they analysed – whom they did not name – shared several characteristics: a vague concern about security at all phases of development and design; faulty implementation leading to the potential of a compromised network; and contradictions in their documentation relating to security features.
“Researchers are continuing to write academic papers about the future of wireless sensor networks and key distribution,” their paper said. “In the meantime, industrial security certification and evaluation programs should, at minimum, discuss this topic in more detail. Also, industrial companies that rely on wireless technologies should re-examine their key design and implementation processes and become aware of how secrets are stored on and shared by their devices.”