seismic sensors vulnerable to cyber attack

seismic sensors vulnerable to cyber attack

Thousands of seismic sensors monitoring geological activity are vulnerable to cyber attack, suggests research.

The poor security controls around the way the sensors transmit data were detailed in a presentation at the Def Con hacker convention.

Researchers found ways to fool and overload sensors so monitoring systems would get wildly inaccurate readings.

The findings have been reported to the US computer emergency organisation that oversees national infrastructure.

Financial sabotage

“We have not seen any research previously in this field,” said Bertin Bonilla, a security expert based in Costa Rica who, with colleague James Jara, carried out the work.
Mr Bonilla said the network of sensors came to light during a different project that tried to find and map smart devices connected to the net to create a search engine for the Internet of Things.
The devices stood out because of the distinctive fingerprint of data they surrendered to scanning software and because of their location, said Mr Bonilla.
“These devices are located in extreme environments like the middle of the ocean and around active volcanoes,” he said.

Mr Bonilla said the risks associated with the network and sensors were low but the easy access might be of interest to particular types of attackers.
“These devices measure natural disasters,” he said.
“Abusing them could lead to financial sabotage for a specific company or country.”

Information about the series of flaws has been reported to the US Computer Emergency Readiness Team (US Cert) which co-ordinates work to harden national infrastructure systems.
US Cert has passed information about the security flaws to Canadian firm Nanometrics which makes the sensors and data-gathering equipment that makes up a lot of the seismic monitoring network.

Related posts