Many companies let workers monitor and manage machines—and sometimes entire industrial processes—via mobile apps. The apps promise efficiency gains, but they also create targets for cyberattacks. At worst, hackers could exploit the flaws to destroy machines—and potentially entire factories.
Two security researchers, Alexander Bolshev of IOActive and Ivan Yushkevich of Embedi, spent last year examining 34 such apps. Some of the vulnerabilities the researchers discovered would allow hackers to interfere with data flowing between an app and the machine or process it’s linked to. So an engineer could be tricked into thinking that, say, a machine is running at a safe temperature when in fact it’s overheating. Another flaw would let attackers insert malicious code on a mobile device so that it issues rogue commands to servers controlling many machines.
Read the full story at technologyreview.com.