July 31, 2017 By Mark Samuels 2 min read

Researchers have found a range of unpatched vulnerabilities in radiation monitoring devices (RMDs) that could be used by attackers to endanger critical infrastructure.

Ruben Santamarta, principal security consultant at IOActive, presented his findings in a white paper titled “Go Nuclear: Breaking Radiation Monitoring Devices” at the Black Hat USA event last week. He found that the security shortcomings in RMDs could be significant, since the devices help detect radiation leaks and can alert organizations to issues at nuclear power plants.

The Research Process

RMDs are sophisticated devices that measure radiation. Critical infrastructure sites, such as nuclear power plants, seaports, border points and hospitals, are equipped with RMDs. The equipment helps to prevent threats such as the smuggling of nuclear material and contamination through radiation.

IOActive used its survey to discover the kinds of vulnerabilities that affect RMDs. The research focused on firmware reverse engineering, radio frequency analysis and hardware hacking by analyzing area monitors used at nuclear power plants — specifically the Mirion WRM2 protocol. Santamarta and his team discovered that they could leverage this protocol to introduce false information into communication channels, allowing either the simulation of a radiation leak or the manipulation of evacuation details.

The Response

All affected vendors were contacted as part of IOActive’s responsible disclosure policy. The firm provided technical details and spoke with the vendors to discuss both the potential impact of the flaws and vulnerability patching.

The IOActive white paper said that the three vendors — Ludlum, Mirion and Digi — initially acknowledged the report but did not address the issues. Digi and Mirion subsequently contacted Santamarta and his colleagues, informing them that they were undertaking collaborative work to patch the critical vulnerabilities uncovered in the research.

The Industrial Control System Cyber Emergency Response Team (ICS-CERT) also issued an alert about inadequate encryption for radio-based, telemetry-enabled devices from Mirion following Santamarta’s Black Hat presentation. The alert suggested that the successful exploitation of these flaws could give an errant outsider the opportunity to transmit fraudulent data or perform a distributed denial-of-service (DDoS) attack.

How Are Nuclear Power Plants Affected?

The IOActive white paper acknowledged that these flaws will probably remain unpatched for months, if not years, despite the change in approach from the RMD vendors, reported Bleeping Computer.

Patching the affected devices will be tough, since the problems are related to design flaws rather than software bugs, according to SecurityWeek. Santamarta and his colleagues suggested that increasing awareness of the possibility of such attacks can help affected organizations mitigate some of the risks.
