Robots that work alongside humans on factory floors and whizzing turbines that power wind farms are at risk of attack from ransom-seeking hackers, according to cyber security researchers exposing new vulnerabilities.
Fresh flaws revealed at the Black Hat cyber security conference show how hackers could exploit weak security in industrial control systems. Researchers, who expose vulnerabilities so companies can fix them, showed how to hijack robots so that they stop working, alter products or injure humans, and how to slam the brakes on energy production at wind farms.
Cyber security experts are warning that ransomware, or malicious software demanding cash payments, could force companies to choose between damaging downtime or paying a ransom to a hacker.
Jason Staggs, a researcher, discovered serious flaws at wind farms. Controllers did not encrypt all their messages, sometimes used default passwords and did not separate the networks, so that if a hacker took over one turbine, he or she could “rule them all”.
“What if we wanted to ransomware a wind farm? I’m not talking encrypting data, I’m talking about paralysing wind farm operations in such a way they are no longer able to produce electricity,” he told an audience in Las Vegas.
Mr Staggs estimates that disabling a wind farm for just one day could cost the energy provider up to $700,000. “If the electric utility decides not to comply . . . the attacker is able to cause damage to the turbines.”
Ransomware has expanded the number of potential attackers who could be interested in targeting critical infrastructure, from nation states and hacktivists trying to cause destruction, to those motivated by financial gain.
Hackers are gaining confidence, with average ransoms rising as 70 per cent of companies pay the amounts demanded, according to research by IBM. The spread of WannaCry through global companies, including a Honda plant, and the UK’s National Health Service in May showed how quickly ransomware can disable operations.
Federico Maggi, a senior threat researcher at cyber security company Trend Micro, worked with researchers at Italian university Politecnico di Milano to expose vulnerabilities in robots that are used across industries from automotive and aerospace to pharmaceuticals and consumer goods. They found vulnerabilities in a router that helped them to operate the robot remotely.
The flaw, found in robots made by ABB, has since been fixed, with updates to the software that authenticates users, and checks data and messages. ABB said only robots connected to the internet would have been affected.
Mr Maggi said hackers could use the flaw to change how a product is made and then tell the manufacturer that its goods are defective, a claim that could harm the company’s reputation.
“This is very different from a classic ransomware scenario,” he said. “In this case, it is very difficult to have a back-up of your products.”