Editorial: Hijacking heavy equipment
Creating chaos on the jobsite through hacking
By Andrew Snook
Hackers have been in existence almost as long as computers. Some of them are, in fact, quite harmless. People looking to test their skills against the strongest security systems strictly for the intellectual challenge – many of these bright minds are hired by governments and private companies to test their own systems against those who look to do harm.
For some hackers immersed in criminal enterprises, hacking holds the opportunity for identity theft, raiding bank accounts and holding individuals and companies’ data for ransom.
But not all hackers looking to perform criminal acts are looking for profit. Some hackers look to create chaos strictly for their own entertainment and, sometimes, specifically to hurt people.
I recently read a disturbing article in Forbes written by cybersecurity writer Thomas Brewster. Brewster wrote about a new type of hacking that has begun, and it’s dangerous as hell: the hacking of large construction cranes and other types of heavy equipment.
In the article, Brewster speaks with cybersecurity researchers who wanted to see if they could take control of tower cranes and other heavy equipment by reverse-engineering communications from the radio frequency (RF) controllers.
Their success rate was disturbingly high.
They were able to take control of various types of heavy equipment across construction sites all over Italy, with tower cranes obviously holding the potential to do some of the most catastrophic damage if taken over; given their lifting capacities and the likelihood of their proximity to densely populated areas in downtown cores of cities.
In addition to the potential for injury, this type of hacking could create huge spikes in costs of projects due to lost time stemming from equipment being stolen or being taken over and held for ransom.
The cybersecurity experts in the article do offer some suggestions for helping address this potential problem, such as ensuring a company is using modernized, standardized technologies that would create more opportunity to build fixes into the equipment where there may be vulnerabilities to hacking.
Now, for those of you sweating crane-sized bullets, here’s a little good news.
Some of the fixes to protect vulnerable equipment have already started rolling out over the past year. According to the article, the U.S.-government-funded Computer Emergency Response Teams has been working on communicating this issue to manufacturers and patches and workarounds are being created.
Read the full Forbes article and watch a video of a crane being taken over through hacking here.
This may seem like an unlikely scenario, but the threat is very real. And construction companies around the globe will need to protect themselves, their employees and the public from this type of attack from chaos creators, terrorists, and criminal hackers for profit, now and in the future.
Stay safe out there.