Trend Micro detects flaws in industrial machinery radio frequency controllers

Trend Micro released a new report detailing inherent flaws and new vulnerabilities in radio frequency remote controllers found and disclosed through the Zero Day Initiative. The report, “A Security Analysis of Radio Remote Controllers for Industrial Applications”, demonstrates how an attacker could persistently and remotely take control of, or simulate the malfunction of, the attacked machinery.

The report’s findings cover RF remote controllers found in cranes, drills, mining machinery and other industrial devices produced by the seven most commonly deployed vendors. These types of devices have become a major point of security weakness because of their connectivity. Long lifespans, high replacement costs, and cumbersome patching processes compound this problem.

Trend Micro discovered three basic failings in RF controllers: no rolling code; weak or no cryptography; and a lack of software protection. Leveraging these basic weaknesses enabled five remote and local attack types, which are detailed in the report. To help facilitate the research, an RF analysing tool, RFQuack, was also developed.

Many operational technologies in industrial settings are now facing cyber risks due to newly added connectivity. According to Gartner, IoT devices must remain secure for many years, potentially decades. IoT devices are also exposed or unprotected. This combination of time and space presents a different security profile than that of traditional IT assets. Security and risk management leaders must identify key industrial assets and systems, and prioritise protection of these assets based upon their mission criticality and integrated risks to OT and IT systems.

“This research demonstrates a concerning reality for owners and operators of heavy industrial machinery where RF controllers are widely found,” said Bill Malik, VP of Infrastructure Strategies for Trend Micro. “By testing the vulnerabilities our researchers discovered, we confirmed the ability to move full-sized industrial equipment deployed at construction sites, factories, and transportation businesses. This is a classic example of both the new security risks that are emerging, as well as how old attacks are being revitalised, to attack the convergence of OT and IT.”


Key takeaways

  • The findings cover RF remote controllers found in cranes, drills, mining machinery and other industrial devices produced by the seven most commonly deployed vendors.
  • These devices have become a major point of security weakness because of their connectivity.
  • Long lifespans, high replacement costs, and cumbersome patching processes compound this problem.
  • Trend Micro discovered three basic failings in RF controllers: no rolling code; weak or no cryptography; and a lack of software protection.
  • Many operational technologies are facing cyber risks due to newly added connectivity.
  • According to Gartner, IoT devices must remain secure for many years, potentially decades.
  • The combination of time and space presents a different security profile than that of traditional IT assets.