• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 23rd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security

Hackers find life-threatening vulnerabilities in Austrian ski lift control unit

April 24th, 2018 Waqas Security 0 comments
Hackers find life-threatening vulnerabilities in Austrian ski lift control unit
Share on FacebookShare on Twitter

Serious Vulnerabilities Identified in Austrian Ski Lifts Control System Can Disrupt its Operations- Researchers Claim.

The impact of last year’s hack attack on the internal network of Romantik Seehotel Jaegerwirt, the famous 111-year-old 4-star Austrian hotel, is still far from over. In that particular incident guests at the hotel couldn’t enter their rooms because the electronic key lock system was also hacked along with other systems at the hotel such as the reservations system.

The investigation revealed that hackers had installed malicious ransomware on the computers responsible for running the entire system of the hotel. Having no other choice, the hotel management paid the ransom and guests were finally able to breathe a sigh of relief.

Austria is in the news yet again bringing along echoes from the past. According to the findings of white-hat hackers Sebastian Neef and Tim Philipp Schäfers, the gondola lift operating at the Patscherkofel ski area in Austria is vulnerable to life-threatening hacking attacks.

Neef and Schäfers claim that the flaw is so serious it can lead to affecting the entire lift operating system installed at the ski area. The researcher duo managed to remotely access the ski lift system’s control unit. They identified that it was possible to start/stop/reverse the lifts because they could access the control unit. It was also possible to make changes in the safety distance parameters between lifts.

The control unit of a Ski lift gondola in Austria was exposed to the internet, allowing you to start/stop/reverse it and even configure the steel cable tension! 😮 #internetofshit Article: (German) https://t.co/4pDbmXszQ9 pic.twitter.com/EslM0fcJ3o

— svbl (@svblxyz) April 19, 2018

The lift was manufactured by the leading ropeways, ski lifts, and cable cars manufacturer in the world, the Dopplmayr/Garaventa group. The company boasts the “superlative safety level” of their products on its website, but the recently identified flaw points out that it is easier said than done.

Researchers shared a screenshot of the control unit, which is identical to the screenshot uploaded by the manufacturer on its website. Given that it was a serious issue, researchers notified the manufacturer immediately and the flaw has been fixed now.

Hackers find life-threatening vulnerabilities in Austrian ski lifts control system

Screenshot shared by hackers (left) – Screenshot on the manufacturer’s website (right).

The company also released a statement acknowledging the mistake on their part: “This was a mistake on our part and we changed that immediately when the operator informed us. It is important that the safety of passengers at no time was compromised.”

In an interview, researchers explained about their findings in detail. Here is an excerpt:

When asked about how they pulled off such a feat, Schäfers said that: “The control of the Patscherkofelbahn was accessible via a web interface unencrypted and without the need for authentication via the internet.”

“However, we do not have a corresponding check on the effect that a click on a button within the web interface would have had, since such access would be illegal under current law, in our opinion, dangerous,” the duo added.

The National Computer Emergency Response Team of Austria (CERT) has been informed and it has decided to halt the operations of the lift until a reliable security system is ensured.

Imagine what could have happened if the vulnerability wasn’t identified by white-hat hackers but cybercriminals?

Image credit: Depositphotos

  • Tags
  • Austria
  • Cyber Attack
  • hacking
  • Infosec
  • internet
  • Ransomware
  • security
  • Vulnerability
Facebook Twitter LinkedIn Pinterest
Previous article Trustjacking: iTunes' Wi-Fi Sync Feature Vulnerable to Exploitation
Next article All Nintendo Switch Consoles Contain Unpatchable Chip-Level Flaw
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Hacked Android phones mimicked connected TV products for fake ad views

Hacked Android phones mimicked connected TV products for fake ad views

Signal CEO hacks Cellebrite cellphone hacking, cracking tool

Signal CEO hacks Cellebrite cellphone hacking, cracking tool

Play Store apps plagued with malware have 700,000 downloads

Play Store apps plagued with malware have 700,000 downloads

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Hacked Android phones mimicked connected TV products for fake ad views
Cyber Crime

Hacked Android phones mimicked connected TV products for fake ad views

Signal CEO hacks Cellebrite cellphone hacking, cracking tool
Hacking News

Signal CEO hacks Cellebrite cellphone hacking, cracking tool

Play Store apps plagued with malware have 700,000 downloads
Security

Play Store apps plagued with malware have 700,000 downloads

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us