Alexander Bolshev and Ivan Yushkevich have examined a total of 34 SCADA apps for monitoring and controlling industrial equipment and processes, reports the online edition of Technology Review . In the apps that they randomly selected from the Google Play Store, they found 147 vulnerabilities. Only two of the apps were free from error. However, the two security researchers did not want to reveal which weaknesses were discovered and at which companies they were found. They did, however, inform the companies before publication. Some of the gaps have since already been closed.
Given the potential consequences, industrial companies should take the result seriously. Some of the loopholes could allow hackers to intervene in the flow of data between an app and its associated attachment, Bolshev and Yushkevich report. With another, attackers could smuggle malicious code onto a mobile device, which it then forwards to the server.
The fact remains: Industry 4.0 can only become a success story if the corresponding safety aspects are also considered right from the start. The German Association of Chambers of Commerce and Industry (DIHK) has already published a Brochure that assists in the safe entry into networked processes. It is aimed at medium-sized and small businesses.