IoT Flaw Allows Hijacking of Connected Construction Cranes

An attacker can send spoofed commands to the crane’s controller.

A connected construction crane, from Telecrane, has a vulnerability that would allow cyberattackers to intercept its communications and take the equipment over.

The internet of things (IoT) continues to add new types of objects to its footprint, as industries start leveraging connectivity to increase productivity, accuracy and operational optimization. In Telecrane’s the case, the F25 Series uses an internet connection to help the operator guide the crane’s movements.

A poster of a comment at Bruce Schneier’s IoT security site explained the need for the connectivity: “It’s not uncommon for the crane to not have line-of-sight view to the ‘landing spot’ and a remote controller to be there guiding the load down,” he wrote.

Read more…
Source: ThreatPost