Industrial machinery can also be at risk of safety. In fact, cybercriminals could take control of it by exploiting remote controllers based on radio frequencies and used in thousands of plants and yards worldwide, including Italy.

This new type of attack emerges from the latest research Trend Micro, a global leader in cybersecurity solutions, entitled •A Security Analysis of Radio Remote Controllers for Industrial Applications. The study, also signed by Italian researchers Marco Balduzzi and Federico Maggi, deepens gaps and vulnerabilities of remote controllers, discovered and made public by the Trend Micro Zero Day Initiative (ZDI), the global program Trend Micro specialized in revealing

The research has dealt with remote radio frequency controllers of cranes, drills, cranes, mining machinery, drilling machines and other industrial devices produced by the main vendors in the sector. As for example the Italians Autec, company with customers worldwide and an annual turnover around 18 million euros, and Elca, 2.5 million euros in turnover.

These devices are now one of the main weaknesses in the industrial sector, due to their connectivity system. In addition, the situation is complicated by a life cycle and very long use and high replacement and patching costs.

The three weaknesses

Trend Micro researchers have discovered three main weaknesses in controllers: no rolling code, weak or absent encryption and no software protection. Using these weaknesses, it is possible to give rise to different types of attack, remotely but also locally. RFQuack, a tool for radio frequency impairment of the size of a 50 cent coin, was also used to complete the research and thus easily concealed within industries or construction sites.

Attacks can be very dangerous. And, compromised by the system, the malicious have several options: to use compromised machinery to cause physical damage to human operators; to stop construction sites or factories; to implement blackmail aimed at monetization, against the threat of blocking systems, or

Many technologies that operate within industrial environments face computer risks due to increasingly present connectivity.

To cope with risks, Trend Micro recommends companies using RF controllers to implement integrated security measures, including software and firmware patching, as well as the creation of standard protocols.

Leave a Reply

Your email address will not be published.

You May Also Like