Radiation Monitoring Devices feature several security vulnerabilities that can be exploited by cyber criminals with devastating effect, note researchers at IOActive. Hackers can conduct man-in-the-middle attacks on Radiation Monitoring Devices to send incorrect readings of radiation levels to operators.
While inspecting Radiation Monitoring Devices that are widely-deployed in critical infrastructure like nuclear plants, hospitals, borders and seaports to detect real-time radiation levels, researchers at security firm IOActive discovered several security vulnerabilities that can be exploited by hackers for various purposes.
Considering how important Radiation Monitoring Devices are in terms of keeping the population safe from nuclear radiation and detecting leakages in nuclear plants, losing control of such devices may render an entire population vulnerable to radiation as well as cause malfunctioning of nuclear plants. Considering that such devices feature software and hardware vulnerabilities, it is only a matter of time before they are exploited by criminals unless such issues are fixed.
By hacking into Radiation Monitoring Devices, hackers can falsify measurement readings to simulate a radiation leak, trick authorities to give incorrect evacuation directions, or send incorrect readings to operators to keep them from identifying radioactive materials.
Researchers at IOActive found that security vulnerabilities exist in Radiation Monitoring Devices built by various vendors including Ludlum Measurements and Mirion. Ruben Santamarta, Principal Security Consultant for IOActive, conducted various tests on hardware and software and also used reverse engineering and RF analysis to uncover the said vulnerabilities.
“Failed evacuations, concealed persistent attacks and stealth man-in-the-middle attacks are just a few of the risks I flagged in my research. Being able to properly and accurately detect radiation levels, is imperative in preventing harm to those at or near nuclear plants and other critical facilities, as well as for ensuring radioactive materials are not smuggled across borders,” he said.
Security vulnerabilities in radiation monitors are an indication of how critical infrastructure in various countries can be hacked or controlled by hackers with intent to cause damage. An eye-opening report from the National Cyber Security Centre revealed that earlier this year, hackers were able to compromise a number of Industrial Control System engineering and services organisations in the UK.
The report added that suspected hackers have been trying to connect organisations’ industrial control systems to malicious IP addresses using SMB and HTTP vulnerabilities in order to gain access to user passwords.
Hackers have also successfully breached ‘administrative and business networks’ of several nuclear power plants, manufacturing plants, and some energy facilities in the United States as confirmed by the FBI and the Department of Homeland Services. Fortunately, they were not able to breach critical networks as they were separated from the Internet as well as corporate networks.