Each industry has its own unique security risks. The banking and health care sectors, for example, deal with some considerably sensitive financial and client data, and therefore must put robust protections in place to ensure its safety.
The industrial sector, however, is a bit different. For many years, security-conscious experts focused on other industries, but now that connected devices and intelligent technology are in place within industrial settings to support a wide array of machinery and tasks, new data protection risks are emerging that deserve attention.
Leaders of industrial organizations must understand that the devices and systems employees leverage to control processes like construction, manufacturing, mining and logistics could open their business up to specific vulnerabilities. One such device is the radio frequency controller used to direct machinery. While these may appear to be simple endpoints similar to consumer-level garage door remote openers, these RF controllers could provide the perfect entryway for malicious activity.
RF controllers: Uses abound
Those working within the industrial sector are no doubt familiar with all the different potential ways in which RF controllers – including small, handheld models and belt-pack styles controllers with buttons and joysticks – are used:
Some RF controllers enable machines to be turned on an operated, others enable emergency stop features, and some more advanced models are capable of all of the above. As large-scale, intelligent robotics become increasingly prevalent across the industrial sector, RF controllers are more widely distributed to support machinery systems.
Where the risk comes in
Although RF controllers are typically more basic endpoints compared with elements like smartphones or software dashboards, this hardware can still introduce considerable risk. According to new research from Trend Micro, these issues appear due to several different facts involving RF controller use:
“The core of the problem lies in how, instead of depending on wireless, standard technologies, these industrial remote controllers rely on proprietary RF protocols, which are decades old and are primarily focused on safety at the expense of security,” Trend Micro researchers explained. “In our research and vulnerability discoveries, we found that weaknesses in the controllers can be (easily) taken advantage of to move full-sized machines such as cranes used in construction sites and factories.”
In addition to taking over operation of an industrial machine or system, this lack of security within the RF controls can even enable a malicious actor to override onboard emergency stop capabilities, and switch a machine back on.
Millions of RF controllers are at risk of attach.
How malicious actors could potentially leverage RF controller weaknesses
As Trend Micro pointed out in its report, A Security Analysis of Radio Remote Controllers for Industrial Applications, there are several different types of attacks that are possible through vulnerable, industrial-level RF controllers.
One of the first and most obvious issues involves sabotage, either to support extortion or other malicious pursuits. A sabotage attack may involve using an RF controller to damage or destroy machinery or products or cause delays in production. As researchers noted, even short delays can lead to considerable costs, and can affect not only the business that owns the machinery systems but also its partners across the supply chain.
Other attacks may be less focused on destruction and more centered around theft. RF controllers used within the logistics industry, for example, can be used by attackers to enable the theft of goods within shipping containers on barges.
“Even traditional harbors and logistics facilities are filled with radio-controlled lifting and handling machines to move containers and loads,” Trend Micro’s report stated. “Attackers can interfere with the lifting operations to facilitate theft or hijacking of in-transit goods.”
Attackers could also potentially carry out damaging extortion plans, supported by weak RF controllers. Similar to a ransomware attack, where strong encryption is utilized to lock users out of data and files until a digital ransom is paid, attackers could prevent industrial employees from using a machine or simulate a malfunction, ceasing regular operations until the business pays a ransom.
Overall, these are just general types of attacks, and only scratch the surface when it comes to the malicious potential of targeting RF controller vulnerabilities. Attackers could also carry out such actions as preventing emergency stop capabilities to cause damage, maliciously re-pairing the device so that it does not control the intended device, or reprogramming it to malfunction. As noted, such instances could have far-reaching consequences.
How pervasive is this issue?
Researchers discovered that while preventive safety features including specific codes to support device pairing, password protection and virtual fencing can help prevent an attack, these capabilities cannot stop malicious activity that’s already taking place.
In addition to this issue, of the seven RF remote controller vendors Trend Micro analyzed for its report, none utilized the proper security measures. Reporting on Trend Micro’s findings, ComputerWeekly security editor Warwick Ashford pointed out that this means that literally millions of RF controllers are currently at risk of attack, utilized within industrial sectors across the globe.
How to address RF controller vulnerabilities
As Trend Micro noted, one of the main purposes of its report is to raise awareness of this issue among vendors that provide RF controllers. These manufacturers must work to establish and support the proper security features on new devices, and to design and provide the necessary firmware updates to help eliminate existing vulnerabilities. What’s more, researchers urge more vendors to adopt protocols like Bluetooth Low Energy, which includes built-in security functions.
RF controller users can also do their part by understanding the basics of the remotes, including reading the manual to ensure devices can handle pairing codes. In addition, these codes should be changed from default factory settings and updated on a regular basis. It’s also important for industrial businesses to consider next-generation devices, when possible, that include infrared communications as well as RF, and those that use standard wireless technologies as opposed to “custom” wireless.
To find out more, check out Trend Micro’s report today.