[ad_1]
“OPC UA is used all over the industrial world as a connector between systems,” says Keuper. “It is a very central component of typical industrial networks and we can bypass the authentication normally required to read or change anything. That’s why people found it the most important and interesting. It only took a few days to find it.”
2012 iPhone got hacked three weeks It is focused work. By contrast, the OPC UA hack was a side project, a distraction from the day-to-day work of Keuper and Alkemade. But the impact is huge.
There are huge differences between the consequences of hacking an iPhone and breaking into critical infrastructure software. An iPhone can be easily updated, and a new phone is always nearby.
On the contrary, some systems in critical infrastructures can last for decades. Some known security flaws cannot be fixed in any way. Operators are often unable to update their technology for security fixes because taking a system offline is out of the question. It’s not easy to turn a factory on and off like a light switch or a laptop.
“The playing field in industrial control systems is completely different,” says Keuper. “You have to think differently about security. You need different solutions. We need game changers.”
Despite their success this week, Keuper and Alkemade are under no illusions that industrial safety issues are resolved instantly. But it’s a good start for the two of them.
“I do research for the public good to help make the world a little bit safer,” says Alkemade.
“I hope we’ve made the world a safer place,” says Keuper.
Meanwhile, Pwn2Own contests are underway, which donated $2 million last year. Next month, hackers will gather in Vancouver to celebrate the show’s 15th anniversary. Is it one of the targets? A Tesla car.
[ad_2]
Source link