Connect with us

Cyber Crime

Cyber Threat To High-Tech Industrial Machines Used For Automated Jobs: India’s CERT-In Warns



Cyber Threat To High-Tech Industrial Machines Used For Automated Jobs: India’s CERT-In Warns

NEW DELHI: A popular perception among gadget users is that only mobile phones or computers run the risk of getting hacked or attacked by a malware. However, a new advisory issued by the Indian Computer Emergency Response (CERT-In) exposes a new dimension in cyber vulnerabilities.

According to the advisory, two serious vulnerabilities have been detected in Programmable Logic Controllers (PLCs), high-tech devices used in industrial machines for automatic performance.

“Almost every automatic machine today runs on a PLC, and if exploited by attackers these PLCs could lead to the crash of entire industries,” cyber experts believe.

ALSO READ: Beware! That IT Returns SMS Can Empty Your Bank Account: CERT-In Issues Advisory Against New Trojan That Hit 27 Banks

The CERT-In’s advisory was issued on June 29 this year and makes it clear that there are two vulnerabilities, both classified as ‘High’ in terms of severity, have been detected in PLCs manufactured and sold by JTEKT, a Japan-based company that also has a branch in India.

The vulnerabilities affect 17 different types of PLCs made by JTEKT,” the advisory noted in the warning.

ALSO READ: Protect Your Phone From Bot & Virus Using Free App Developed By CERT-In

“These vulnerabilities exist due to missing authentication for critical functions and insufficient verification of data authenticity. A remote attacker could exploit these vulnerabilities by sending specially crafted messages,” the advisory states.

“Successful exploitation of these vulnerabilities could allow a remote hacker to execute arbitrary code, change control logic, disable communication links or perform denial-of-service condition on the targeted systems,” it warned.

History And Israel-Iran Conflict

According to reports, this is not the first time that such vulnerabilities on Programmable Logic Controllers (PLCs) have come to the fore. There have been episodes in the past also in which global-level cutting-edge technology of the time has been used by countries against rivals.

ALSO READ: Report Data Breach & Cyber Incidents Within 6 Hours: CERT-In New Directives To Firms & Government Agencies

One of the most prominent examples of PLCs being hacked was noted in 2010, when Israel exploited vulnerabilities in PLCs to hack and disable Iran’s nuclear enrichment facility, the reports claimed.

Nomenclature: Why PLCs are named PLCs

Cyber experts believe that Programmable Logic Controllers (PLCs) are so named because they work on a pre-set “logic” or a reasoning that allows them to function the way they are supposed to.

This logic can be programmed by an external party, which is ideally supposed to be the entity operating the concerned machines. The risk factor begins when an external attacker, usually a hacker, gains access to the PLCs and is in a position to change this logic.

“Once a hacker is able to do this, they can manipulate the machine run by the PLC for any purpose. PLCs, commonly known as industrial controllers, are used in every industry in this day and age, be it logistics, healthcare, aviation or defence,” the experts claim.

Threat To Indian Industries

Yes, the industrial sector in India is vulnerable to attacks on PLCs.

“Industrial controllers are legacy systems with hardly any security. These systems used to be analogue but once they were accessible over the internet, they got an IP address and hackers were able to discover them,” Maharashtra’s senior police officer Brijesh Singh said.

Singh, who is currently the Additional Director General of Police of the most industrial Indian state, is among the country’s leading cyber experts.

“Imagine an elevator programmed to take people up and down a building, and imagine what could happen if its PLC were to fall into the wrong hands,” the officer said.

Singh said there are entire repositories of vulnerable industrial controllers, along with custom made exploits for targeting each vulnerability, on the dark web.

“Not just this, there are specialised search engines which literally give you a list of open-to-hack devices on a map!” he warned.

ALSO READ: Step By Step Guide: How To File Cybercrime Complaint Online In India

JTEKT’s Response:

Japan-based JTEKT, has also confirmed both the vulnerabilities on its official website. The company said these vulnerabilities exist due to lack of authentication capabilities in its products.

JTEKT has also released detailed mitigation methods on its website which can be downloaded and followed.

What is even more serious, however, is that these two vulnerabilities are just the tip of the iceberg.

They feature in a report released two weeks ago by private cyber security research group Forescout, which discovered 56 serious vulnerabilities, many of them classified as ‘critical’ in severity, in industrial controllers manufactured and sold by ten leading names in the field.

Follow on

 Telegram | Facebook | Twitter | LinkedIn | Instagram | YouTube

Continue Reading