Trend Micro report finds flaws in RF remote controllers – Technologist
Cybersecurity expert Trend Micro has detailed inherent flaws and new vulnerabilities in radio frequency (RF) remote controllers in a new report.
RF remote controllers are handheld, wireless devices used to operate electronic equipment using radio frequency transmission. They are mostly used in heavy industrial machinery, including cranes, drills, mining machinery and other industrial devices.
“These types of devices have become a major point of security weakness because of their connectivity. Long lifespans, high replacement costs, and cumbersome patching processes compound this problem,” the company said in a media release.
Bill Malik, VP of infrastructure strategies for Trend Micro, said that by testing the vulnerabilities, the company’s researchers discovered the ability to move full-sized industrial equipment deployed at construction sites, factories, and transportation businesses.
“This is a classic example of both the new security risks that are emerging, as well as how old attacks are being revitalized, to attack the convergence of OT and IT.”
In the report, “A Security Analysis of Radio Remote Controllers for Industrial Applications,” Trend Micro demonstrates how an attacker could persistently and remotely take control of, or simulate the malfunction of, the attacked machinery.
It said the three basic failings in RF controllers are: no rolling code; weak or no cryptography; and a lack of software protection.
“The core of the problem lies in how, instead of depending on wireless, standard technologies, these industrial remote controllers rely on proprietary RF protocols, which are decades old and are primarily focused on safety at the expense of security. It wasn’t until the arrival of Industry 4.0, as well as the continuing adoption of the industrial internet of things (IIoT), that industries began to acknowledge the pressing need for security,” the report noted.
The security firm advised security and risk management leaders to “identify key industrial assets and systems, and prioritize protection of these assets based upon their mission criticality and integrated risks to OT and IT systems.
It recommends implementing comprehensive security measures, including software and firmware patching, as well as building on standardized protocols.
IoT to exacerbate ransomware attacks? – Technologist
Optimisation imperatives to fuel AI-powered homes and buildings – Technologist
Key Features of the Best Animation Software – Technologist
About The Author
admin
Azeem Rajpoot, the author behind Technolo Gist, is a passionate tech enthusiast with a keen interest in exploring and sharing insights about the rapidly evolving world of technology. With a background in Technologist, Azeem brings a unique perspective to the blog, offering in-depth analyses, reviews, and thought-provoking articles. Committed to making technology accessible to all, Azeem strives to deliver content that not only keeps readers informed about the latest trends but also sparks curiosity and discussions. Follow Azeem on this exciting tech journey to stay updated and inspired.