IOActive researcher Ruben Santamarta has uncovered a number of cybersecurity vulnerabilities in widely deployed Radiation Monitoring Devices (RDMs), and has presented his research at the Black Hat conference in Las Vegas.
RDMs are used to monitor the radiation found in critical infrastructure, such as nuclear power plants, seaports, borders, and even hospitals.
According to the researcher, if the vulnerabilities identified are exploited, an attacker could wreak havoc on these critical systems used for monitoring radiation levels, such as falsifying measurement readings to simulate a radiation leak, tricking authorities to give incorrect evacuation directions, or increasing the time an attack against a nuclear facility or an attack involving a radioactive material remains undetected by sending normal readings to deceive operators.
Santamarta’s research focused on testing software and hardware, firmware reverse engineering and RF analysis. In doing so, he successfully uncovered security vulnerabilities in radiation monitoring devices from multiple vendors, including Ludlum and Mirion.
“Failed evacuations, concealed persistent attacks and stealth man-in-the-middle attacks are just a few of the risks I flagged in my research,” he says. “Being able to properly and accurately detect radiation levels, is imperative in preventing harm to those at or near nuclear plants and other critical facilities, as well as for ensuring radioactive materials are not smuggled across borders.”
IOActive informed the impacted vendors of the findings through responsible disclosure. All vendors acknowledged receipt of the information and despite initial responses indicating the issues would not be addressed, more recent communications from some vendors have indicated work is being done to patch the critical vulnerabilities uncovered.
More details about the various types of RDMs, technical details about the testing conducted during the research and the vulnerabilities identified are shared in this white paper.
According to the researcher, the found issues are still not fixed, “so increasing awareness of the possibility of such attacks will help to mitigate the risks.”