All
Suppliers
Products
CAD Models
Diverse Suppliers
Insights
By Category, Company or Brand
All Regions
Alabama
Alaska
Alberta
Arizona
Arkansas
British Columbia
California - Northern
California - Southern
Colorado
Connecticut
Delaware
District of Columbia
Florida
Georgia
Hawaii
Idaho
Illinois
Indiana
Iowa
Kansas
Kentucky
Louisiana
Maine
Manitoba
Maryland
Massachusetts - Eastern
Massachusetts - Western
Michigan
Minnesota
Mississippi
Missouri
Montana
Nebraska
Nevada
New Brunswick
New Hampshire
New Jersey - Northern
New Jersey - Southern
New Mexico
New York - Metro
New York - Upstate
Newfoundland & Labrador
North Carolina
North Dakota
Northwest Territories
Nova Scotia
Nunavut
Ohio - Northern
Ohio - Southern
Oklahoma
Ontario
Oregon
Pennsylvania - Eastern
Pennsylvania - Western
Prince Edward Island
Puerto Rico
Quebec
Rhode Island
Saskatchewan
South Carolina
South Dakota
Tennessee
Texas - North
Texas - South
Utah
Vermont
Virgin Islands
Virginia
Washington
West Virginia
Wisconsin
Wyoming
Yukon

Industrial Cranes Can Be Easily Hacked [Report]

Staff Writer
4/5/2019 | 5 min read
Subscribe
Industrial Cranes Can Be Easily Hacked [Report]

Think of all the destruction that an industrial crane can cause. We’ve seen the news stories of catastrophic crane accidents, so we certainly don’t need to work hard to imagine worst-case scenarios in which someone operates a crane with nefarious intentions. But now imagine that this crane operator didn’t even have to be on-site. That’s our reality.

In a report recently released to Forbes by Japanese tech company Trend Micro, the easy hackability of industrial cranes was brought to light.

With some easily obtainable and relatively inexpensive equipment, the researchers at Trend Micro managed to hack industrial cranes and other equipment at 14 separate sites with a 100% success rate using a program they created, RFQuack.

Why Are Cranes So Unsecure?

Manufacturers of industrial cranes have long relied on antiquated proprietary wireless protocols to help keep these machines secure from outside attacks. Put simply, most manufacturers banked on the idea that most people, hackers included, didn’t know how cranes operated.

The security issue with industrial cranes doesn’t lie in the cranes themselves. The real issue is that the signals sent between the transmitters are not encrypted as they are even in basic consumer electronics.

Car door locks and garage door openers are more secure than the transmitters that operate industrial cranes, or at least they were until the crane manufacturers finally listened after seeing the ramifications of unsecure transmissions and shored up their programs.

Types of Crane Hacks

The researchers managed to enact five different types of hacks, listed as follows:

  • Replay — This hack records commands for later use.
  • Command injection — Command injections intercept outgoing commands, modify them, and then send them to the equipment.
  • E-stop abuse — This allows hackers to power down the equipment. Researchers pointed out that this could be used to hold an entire construction site hostage, requiring a company to pay a ransom before hackers release the machinery.
  • Malicious repairing — This allows hackers to take over the equipment by cloning the controller.
  • Malicious reprogramming — Malicious reprogramming makes the controller permanently vulnerable.

The Dangers of Crane Hacking

There are several issues that could arise from cranes being hacked. First off, hacked cranes can cause a great deal of damage, destroying buildings and infrastructure, injuring or killing people, and causing widespread panic throughout densely populated urban areas.

Next, hacking could be used to steal these large, expensive pieces of equipment, removing them from construction sites. These cranes could also be rendered inoperable, potentially holding up construction and costing companies big bucks.

Hacks could even be made to look like an accident, with code being implanted to make the operator’s commands cause a different action than the one intended (e.g., up is down and right is left).

Securing Industrial Equipment

Trend Micro is recommending that any companies involved in the manufacture of industrial cranes take measures to secure this equipment against hackers. Many of the manufacturers that have released fixes for the security issues found were sending out their systems’ first-ever patches. However, the fixes that have been put into place aren’t necessarily complete.

Seeing these hacks actually happen spurred many crane manufacturers to action, but warnings about the hackability of these machines aren’t new. The U.S. government has been telling companies that this could happen for several years.

In the future, manufacturers of industrial equipment will ideally build security into their programs, or, better yet, according to Trend Micro, they’ll use standard tech rather than proprietary tech so that research from across the technology sector could be easily applied.

Next Up in Industry Trends
Bridge Collapse Reverberates Throughout Supply Chain
Show More in Industry Trends