Industrial remote control RF hack puts machinery at risk

Trend Micro discovers that heavy-duty radio frequency remote controllers are open to cyber attacks

Industrial remote

Radio Frequency (RF) remote controllers that are used to operate connected industrial machines are highly susceptible to cyber attacks, according to security researchers.

In its study, Risky Radio Remotes: Attack Classes and Attacker Models, security firm Trend Micro suggests that the more rugged variety of radio controllers, used for heavy-duty purposes such as the control and automation of industrial machines like cranes and drills, could be hijacked in a number of ways.

RF controls use a transmitter to send out radio waves corresponding to a command, usually a press of a button, which a receiver interprets as an action - for example, opening up a garage door. Trend Micro said the industrial version of this technology, which is used in various sectors such as construction, manufacturing and logistics, is highly vulnerable to hijacking.

Advertisement - Article continues below

"In our research and vulnerability discoveries, we found that weaknesses in the controllers can be easily taken advantage of to move full-sized machines such as cranes used in construction sites and factories," Trend Micro said.

"In the different attack classes that we've outlined, we were able to perform the attacks quickly and even switch on the controlled machine despite an operator's having issued an emergency stop (e-stop)."

Advertisement
Advertisement - Article continues below

One of the most worrying aspects of this discovery is that for the majority of the methods outlined, potential hackers either only need to be within the vicinity of the target or they can perform it remotely.

The research found that controllers that use RF are susceptible to command spoofing, where an attacker within range can capture radio traffic, selectively modify the packets, and automatically craft new commands.

A hacker can just be within the range of a construction site, pretend to be a bystander, hide a battery-powered, coin-sized device and use it remotely to craft their own packets to control an industrial machine or persistently simulate a malfunction, such as a DDoS attack.

Advertisement - Article continues below

Considering the earlier example of a garage door, which uses RF protocols, Trend Micro actually found them to be more secure than industrial remote controls as they implement better security through rolling-code mechanisms.

The kinds of hack that are possible include replay attacks, where the hacker records the RF packets and replays them to obtain basic control of a machine. A command injunction, where the hacker knows the RF protocol and can selectively modify RF packets to completely control a machine.

Hackers can also clone a remote controller, or its functionality, to hijack a machine and as mentioned earlier, hackers can replay emergency stop commands indefinitely to engage a persistent denial-of-service condition.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/hacking/355774/nigerian-hackers-swindle-millions-of-dollars-from-unemployment-systems
hacking

Nigerian hackers swindle millions of dollars from unemployment systems

22 May 2020
Visit/security/hacking/355773/hackers-take-on-unsuspecting-airliners-exposing-customer-data
hacking

Hackers take on unsuspecting airliners, exposing customer data

22 May 2020
Visit/security/hacking/355749/hackers-targets-game-developers-with-advanced-malware
hacking

Hackers target game developers with advanced malware

21 May 2020
Visit/security/hacking/355738/security-service-of-ukraine-arrests-infamous-hacker-sanix
hacking

Security Service of Ukraine arrests infamous hacker Sanix

21 May 2020

Most Popular

Visit/security/34616/the-top-ten-password-cracking-techniques-used-by-hackers
Security

The top ten password-cracking techniques used by hackers

5 May 2020
Visit/mobile/5g/355712/nokia-5g-speed-record
5G

Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
Visit/cloud/cloud-computing/355742/microsoft-launches-public-cloud-service-for-health-care
cloud computing

Microsoft launches public cloud service for health care

21 May 2020