Cranes Exposed to Possible Cyber-Sabotage—What We Can Learn

Author Topic: Cranes Exposed to Possible Cyber-Sabotage—What We Can Learn  (Read 1055 times)

Offline Fahad Zamal

  • Full Member
  • ***
  • Posts: 115
    • View Profile
Cranes Exposed to Possible Cyber-Sabotage—What We Can Learn
« on: November 15, 2018, 12:44:41 AM »
On October 23, 2018 ICS—CERT announced a vulnerability in Telecrane’s F25 Series remote controls, which are used for cranes. They found that anyone with a low skill level could listen in on the remote control’s communications in an attempt to “view commands, replay commands, control the device, or stop the device from running.”

In essence, a hacker could learn the commands that controlled the crane, play them back, and control the crane themselves.

The F25 Series have a wide variety of applications that range from the assembly floor to back-mounted vehicle cranes and more. While these remote controls are extremely versatile, their exposure to hacking also means that hackers have a target rich environment.

There are plenty of nightmare scenarios in which a hacker could use this exploit to deal havoc on the factory floor or in the streets in an attempt to disrupt a city or conduct corporate sabotage.

Fortunately, no reports of hacking have been reported thus far and Telecrane has already released a firmware update to combat this weakness.

Source: https://www.infosecurity-magazine.com/blogs/nations-cranes-exposed-sabotage/