Cyber attackers could exploit vulnerabilities in radiation detection devices for malicious purposes, according to Ruben Santamarta, principal security consultant for security services firm IOActive.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Vulnerabilties in widely deployed radiation monitoring devices (RDMs), which are used to monitor radiation in nuclear power plants, seaports, borders, and even hospitals, could be exploited to wreak havoc, he said.
Attackers could, for example, falsify readings to simulate a radiation leak to trick authorities into ordering unnecessary evacuations, or increase the time that an attack against a nuclear facility or an attack involving a radioactive material remains undetected by sending normal readings to deceive operators.
IOActive has also published a white paper on the research and findings, which includes technical details for the testing conducted during the research and the vulnerabilities identified.
Santamarta’s research focused on testing software and hardware, firmware reverse engineering and radio frequency (RF) analysis to uncover security vulnerabilities in radiation monitoring devices from multiple suppliers.
In one example, by reverse engineering the firmware used in a radiation monitoring gate, he was able to find a backdoor password that would grant the highest level of privilege to an attacker. This means that an attacker could bypass the authentication processes and take control of the device to prevent it from triggering alarms.
“Failed evacuations, concealed persistent attacks and stealth man-in-the-middle attacks are just a few of the risks I flagged in my research,” said Santamarta.
“Being able to properly and accurately detect radiation levels is imperative in preventing harm to those at, or near, nuclear plants and other critical facilities, as well as for ensuring radioactive materials are not smuggled across borders.”
According to IOActive, all suppliers with vulnerable devices were notified in accordance with the security firm’s responsible disclosure policy.
Although initial responses to the research findings were poor, IOActive said recent communications from some suppliers have indicated work is being done to patch the critical vulnerabilities identified.