Breaking the IIoT: Hacking industrial Control Gateways

Conference: BlackHat USA 2018

2018-08-08

Summary

The presentation discusses the security shortcomings of industrial control gateways and the need for better security measures in critical infrastructure.

  • Industrial control gateways connect critical infrastructure to centralized management systems
  • Gateways have significant security shortcomings and are not secure enough for critical infrastructure
  • Attacks on industrial systems have been used as weapons
  • The speaker found a shelf full of vulnerable devices during a pen test of an electricity provider
  • The devices are at a vulnerable point between native protocols and the internet
  • The speaker emphasizes the need for better security measures in industrial IoT

During a pen test of an electricity provider, the speaker discovered a shelf full of vulnerable devices that were used to interconnect a large number of other devices by various means. These gateways sit at a vulnerable point between native protocols and the internet, which makes them a prime target for attackers. The speaker emphasizes the need for better security measures in industrial IoT to prevent attacks on critical infrastructure.

Abstract

Industrial control gateways connect most of the critical infrastructure surrounding us to the centralized management systems: from power grids (transformer stations, solar fields) and city infrastructure (traffic lights, tunnel control systems) to big industrial plants (automotive, chemical), these devices can be found almost everywhere. In recent years these gateways have even been known to be used in attacks on countries such as the Ukraine in 2015 and Saudi Arabia in 2018. This presentation reviews the security of those gateways, going from attacking the communication protocols up to reverse engineering and fuzzing proprietary firmware and protocols, and concluding with a live demonstration of the vulnerabilities on real devices, showing that the industrial control gateways from most vendors have significant security shortcomings and are not secure enough to be used in critical infrastructure.
