Sensors widely used in the energy industry to monitor industrial processes are vulnerable to attack from 40 miles away using radio transmitters, according to alarming new research.
Apa and Penagos are scheduled to give a presentation next Thursday at the Black Hat security conference in
The U.S. and other nations have put increased focus in recent years on the safety of industrial control systems used in critical infrastructure such as nuclear power plants, energy and water utilities. The systems, often now connected to the Internet, may have not had thorough security audits, posing a risk of life-threatening attacks from afar.
Apa and Penagos studied sensors manufactured by three major wireless automation system manufacturers. The sensors typically communicate with a company's home infrastructure using radio transmitters on the 900MHz or 2.4GHz bands, reporting critical details on operations from remote locations.
Apa and Penagos found that many of the sensors contained a host of weaknesses, ranging from weak cryptographic keys used to authenticate communication, software vulnerabilities and configuration errors.
For example, they found some families of sensors shipped with identical cryptographic keys. It means that several companies may be using devices that all share the same keys, putting them at a greater risk of attack if a key is compromised.
They tested various attacks against the sensors using a specific kind of radio antennae the sensors use to communicate with their home networks. They found it was possible to modify readings and disable sensors from up to 40 miles (64 kilometers) away. Since the attack isn't conducted over the Internet, there's no way to trace it, Penagos said.
In one scenario, the researchers concluded that by exploiting a memory corruption bug, all sensors could be disabled and a facility could be shut down.
Fixing the sensors, which will require firmware updates and configuration changes, won't be easy or quick. "You need to be physically connected to the device to update them," Penagos said.
Apa and Penagos won't identify the vendors of the sensors since the problems are so serious. They've handed their findings to the U.S. Computer Emergency Readiness Team, which is notifying the affected companies.
"We care about the people working in the oil fields," Penagos said.
Most Popular Stories
- Twitter Names Woman to Board
- NSA Tracks 5 Billion Cellphone Records a Day
- Nelson Mandela Dies After Momentous Life
- Nelson Mandela Dead at 95
- W.H. Corrects Itself on Unclegate
- Pope Francis Says He'll Fight Child Sex Abuse
- Yemen Attack Kills 52
- Fast-Food Workers Want $15 an Hour
- Roybal-Allard Tours Gordon Brush Plant
- Aspen Contracting Adding 300 Jobs