Hackers and Cranes: The Dangers Research Has Revealed

Mon January 27, 2020 - National Edition
Emily Buenzle – Special to CEG



There's no doubt that remotely controlled construction equipment is a huge advantage for crews across job sites everywhere, but as with any innovation, it carries its own set of risks.

One danger that researchers have unearthed is the ability for hackers to control remotely operated construction equipment with little effort. Researchers from security software company Trend Micro recently put this risk to the test.

Researchers Frederico Maggi and Marco Balduzzi toured Italy's Lombardi region in March 2018, attempting to convince construction site managers they met along the way to allow them to try to hack their cranes, Forbes reported. Although many managers turned down their offer, one named Matteo agreed. First, Maggi and Balduzzi asked Matteo to turn off his transmitter, the sole way the crane could be controlled on the site, and put the crane into the "stop" position. Then, using laptops powered with the battery of the red Volkswagen Polo they were driving, Maggi and Balduzzi made an attempt to gain control of the equipment by running their code.

Within seconds, the previously stationary crane began to move.

After this first successful hacking attempt, Maggi and Balduzzi tried their luck at 14 other job sites, where they hacked and controlled cranes, excavators, scrapers and other pieces of equipment.

How It Works

The problem, according to Trend Micro, isn't with technological advancements in the construction industry, but rather with the continued use of old methods to control these machines. Radio frequency controllers, which are used for remotely controlled construction equipment, like the cranes Maggi and Balduzzi hacked, work by sending out radio waves that pair with a command that is interpreted and executed by a receiver.

Trend Micro determined that "weaknesses in the controllers can be (easily) taken advantage of to move full-sized machines such as cranes used in construction sites and factories … we were able to perform the attacks quickly and even switch on the controlled machine despite an operator's having issued an emergency stop (e-stop).

"The core of the problem lies in how, instead of depending on wireless, standard technologies, these industrial remote controllers rely on proprietary RF protocols, which are decades old and are primarily focused on safety at the expense of security," Trend Micro said. "It wasn't until the arrival of Industry 4.0, as well as the continuing adoption of the Industrial Internet of Things (IIoT), that industries began to acknowledge the pressing need for security."

For perspective, Trend Micro said that it found garage door remote controllers that use radio frequency to be more secure than industrial remotes.

Potential hackers have the ability to perform their attacks in a variety of ways, Trend Micro said:

  • Local attacks: Hackers within range may not have any advanced skills, and would merely need a software-defined radio (SDR) to record a command and then replay it. Add in signal amplifiers and a good antenna, and a hacker could gain control of the equipment in question from miles away.
  • Remote attacks: These attacks can occur in different manners — a hacker could plant a small, battery-operated embedded device in the target range, which can be controlled remotely for the length of the battery's charge. Otherwise, a hacker could use a computer to program software or control remotes to take over the machine.

And since industrial remote controllers last much longer — and cost more to replace — than their run-of-the-mill, commercial counterparts, many pieces of equipment could be easy targets for a decade or longer. Micro Trend reported it found that many of these remote controllers had been in use for 15 years or longer.

While it's clear that an attack such as this is possible — who would want to do something like this in the first place, and why?

According to Micro Trend, casual attackers could be close by — a contractor or an unhappy worker. And while the motivations behind this kind of attack could be infinite, Micro Trend pointed out that three key motivations include sabotage, theft and extortion.

What You Can Do

According to Micro Trend, construction companies can fight back against this risk by:

  • Applying patches as needed to stop hackers from using a system's weak points to gain entry;
  • Considering devices that have virtual fencing features, which disable the device when the remote controller steps out of range; and
  • Switching from proprietary radio frequency protocols to standard ones.

CEG recently spoke with Joel Oliva, director of operations at the Commission for the Certification of Crane Operators about this issue.

Although the risk of hackers controlling the equipment on your job site is real, with the right preparation, you and your crew don't have to be left vulnerable. After all, you want your cranes to help you reach new heights, and with a bit of awareness of the risks, they'll help you rise even higher. CQ

This story also appears on Crane Equipment Guide.