Seattle, WA – July 26, 2017 – IOActive, Inc., the worldwide leader in research-driven security services, today released the details surrounding a number of cybersecurity vulnerabilities found in widely deployed Radiation Monitoring Devices (RDMs). RDMs are used to monitor the radiation found in critical infrastructure, such as nuclear power plants, seaports, borders, and even hospitals. The technical details of the research are being released by Ruben Santamarta, Principal Security Consultant for IOActive, during his Black Hat USA 2017 talk today, “Go Nuclear: Breaking Radiation Monitoring Devices.”
According to Santamarta, if the vulnerabilities identified are exploited, an attacker could wreak havoc on these critical systems used for monitoring radiation levels, such as falsifying measurement readings to simulate a radiation leak, tricking authorities to give incorrect evacuation directions, or increasing the time an attack against a nuclear facility or an attack involving a radioactive material remains undetected by sending normal readings to deceive operators.
A white paper on the research and findings will be published today following Santamarta’s talk at Black Hat USA, which includes technical details for the testing conducted during the research and the vulnerabilities identified.
Santamarta’s research focused on testing software and hardware, firmware reverse engineering and RF analysis. In doing so, he successfully uncovered security vulnerabilities in radiation monitoring devices from multiple vendors, including Ludlum and Mirion.
“Failed evacuations, concealed persistent attacks and stealth man-in-the-middle attacks are just a few of the risks I flagged in my research,” said Santamarta. “Being able to properly and accurately detect radiation levels, is imperative in preventing harm to those at or near nuclear plants and other critical facilities, as well as for ensuring radioactive materials are not smuggled across borders.”
IOActive informed the impacted vendors of the findings through responsible disclosure. All vendors acknowledged receipt of the information and despite initial responses indicating the issues would not be addressed, more recent communications from some vendors have indicated work is being done to patch the critical vulnerabilities uncovered.
Santamarta’s talk is scheduled for Wednesday, July 26 at 4:00pm PT in the Jasmine Ballroom inside Mandalay Bay at Black Hat USA 2017.
IOActive is the industry’s only research-driven, high-end information security services firm with a proven history of better securing our customers through real-world scenarios created by our security experts. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering across multiple industries. IOActive is the only security services firm that has a dedicated practice focusing on Smart Cities and the transportation and technology that connects them. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, US, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Read the IOActive Labs Research Blog: http://blog.ioactive.com. Follow IOActive on Twitter: http://twitter.com/ioactive.