Site icon Wonderful Engineering

Watch These Two Hackers Hack Construction Machines At A Work Site

Two Hackers From Micro Trend Hacked Construction Sites In Italy!

We’ll be honest; we never thought that cranes could be hacked. However, a demonstration carried out by two white hat hackers working for Trend Micro has changed our minds. Next time we see a crane, we will be asking who is in control. The demonstration – carried out from the car – has unveiled just how vulnerable cranes and other building equipment are.

Trend Micro is a Japanese cybersecurity giant. Federico Maggi and Marco Balduzzi work for Trend Micro, and traveled in the Lombardy region of Italy along with their laptops, scripts for running the hacks, and some radio hardware that used for beaming out the code for exploitation.

The duo from the Trend Micro reached out to the building site managers and asked if they could try to hack some of their cranes and other equipment present on site. Scarily enough, they were successful in doing so.

As it turns out, the cranes are quite vulnerable. The weakness lies in the communication that takes place between the crane and the controllers. In order to find their way into the system, the duo reverse engineered the communications that were being originated from the radio frequency controller. The simplicity of the hack signifies just how disastrous it can be if the cranes were to be hacked with malicious intent. According to the research paper written by the duo from Trend Micro, the damage would vary ‘from theft and extortion to sabotage and injury.’

The duo made use of their scripts and hacking skills at 14 different construction sites by making use of five different kinds of attacks. The attacks included command injection, e-stop abuse, malicious re-pairing, replay attack, and malicious reprogramming. Except for malicious reprogramming, the attacks can be carried out within a matter of minutes and without costing a fortune.

The equipment that the duo used included two laptops, some free code and basic RF equipment that cost them somewhere between $100 and $500. The purpose of this whole exercise was to sell security software, however; it has highlighted a serious loophole in the construction equipment that is used all over the world.