Radiation detection devices open to cyber attack, researcher finds
A security researcher has discovered numerous security flaws in multiple devices that are used to detect radiation in critical facilities
Cyber attackers could exploit vulnerabilities in radiation detection devices for malicious purposes, according to Ruben Santamarta, principal security consultant for security services firm IOActive.
Santamarta revealed the technical details of his research at Black Hat USA 2017 in a presentation entitled Go nuclear: breaking radiation monitoring devices.
Vulnerabilities in widely deployed radiation monitoring devices (RDMs), which are used to monitor radiation in nuclear power plants, seaports, borders and even hospitals, could be exploited to wreak havoc, he said.
Attackers could, for example, falsify readings to simulate a radiation leak and trick authorities into ordering an unnecessary evacuation. Conversely, they could feed operators normal readings to extend the time an attack on a nuclear facility, or one involving radioactive material, goes undetected.
IOActive has also published a white paper on the research and findings, which includes technical details for the testing conducted during the research and the vulnerabilities identified.
Santamarta’s research focused on testing software and hardware, firmware reverse engineering and radio frequency (RF) analysis to uncover security vulnerabilities in radiation monitoring devices from multiple suppliers.
In one example, by reverse engineering the firmware used in a radiation monitoring gate, he was able to find a backdoor password that would grant the highest level of privilege to an attacker. This means that an attacker could bypass the authentication processes and take control of the device to prevent it from triggering alarms.
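The backdoor described above is the classic hard-coded credential: a fixed password compiled into the firmware's string table next to the login prompts. A first-pass check for that pattern is to extract printable strings from the image, as the Unix `strings` utility does, and flag password-like tokens that sit next to credential keywords. The following is an added example to illustrate that check; it is not IOActive's tooling or code from the research, and the firmware blob, the keyword list and the heuristic thresholds are constructed for the demonstration rather than taken from any real device.

```python
"""Scan a firmware image for hard-coded credential strings.

Added example, not IOActive's tooling. The firmware blob below is
constructed for the demo and does not come from any real device.
"""
import re
from typing import List, Tuple

# Constructed stand-in for a firmware image: a fake ELF header, a banner,
# binary padding, a login routine's string table that carries a fixed
# credential, a few more strings and a binary tail. No vendor data here.
SAMPLE_FIRMWARE = (
    b"\x7fELF\x01\x01\x01\x00" + b"\x00" * 24
    + b"Gate controller v2.1\x00"
    + b"\xde\xad\xbe\xef" * 8
    + b"login:\x00password:\x00"
    + b"SVC_MAINT_0987\x00"          # constructed backdoor-style credential
    + b"operator\x00guest\x00"
    + b"alarm threshold exceeded\x00"
    + bytes(range(256))
)

# Keywords that commonly mark a credential string table when they appear
# next to another string (constructed list, extend as needed).
CREDENTIAL_KEYWORDS = ("password", "passwd", "pwd", "login",
                       "user", "admin", "maint", "service")


def extract_strings(blob: bytes, min_len: int = 4) -> List[Tuple[int, str]]:
    """Return (offset, text) for every run of at least min_len printable
    ASCII bytes, like the Unix `strings` utility."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [(m.start(), m.group().decode("ascii"))
            for m in re.finditer(pattern, blob)]


def looks_like_secret(s: str) -> bool:
    """Heuristic: 8..32 chars, no spaces, mixes letters and digits."""
    return (8 <= len(s) <= 32 and " " not in s
            and any(c.isdigit() for c in s)
            and any(c.isalpha() for c in s))


def find_hardcoded_credentials(blob: bytes, window: int = 2) -> List[dict]:
    """Flag password-like strings that sit within `window` strings of a
    credential keyword. Each finding carries the offset, the candidate and
    the neighbouring keyword strings that triggered it."""
    strings = extract_strings(blob)
    findings = []
    for i, (off, s) in enumerate(strings):
        if not looks_like_secret(s):
            continue
        neighbours = strings[max(0, i - window):i] + strings[i + 1:i + 1 + window]
        context = [t for _, t in neighbours
                   if any(k in t.lower() for k in CREDENTIAL_KEYWORDS)]
        if context:
            findings.append({"offset": off, "candidate": s, "context": context})
    return findings


if __name__ == "__main__":
    for f in find_hardcoded_credentials(SAMPLE_FIRMWARE):
        print(f"0x{f['offset']:06x} {f['candidate']!r} near {f['context']}")
```

The scan only produces candidates; the confirmation step is the one the research describes, tracing the flagged string to the authentication routine in the disassembly and checking whether it is compared against the login input. A firmware that needs a fixed service password for field maintenance is the design flaw here, not just the string's presence, so the fix on the vendor side is per-device or operator-set credentials rather than a better-hidden constant.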
“Failed evacuations, concealed persistent attacks and stealth man-in-the-middle attacks are just a few of the risks I flagged in my research,” said Santamarta.
“Being able to properly and accurately detect radiation levels is imperative in preventing harm to those at, or near, nuclear plants and other critical facilities, as well as for ensuring radioactive materials are not smuggled across borders.”
According to IOActive, all suppliers with vulnerable devices were notified in accordance with the security firm’s responsible disclosure policy.
Although initial responses to the research findings were poor, IOActive said recent communications from some suppliers have indicated work is being done to patch the critical vulnerabilities identified.