Hackers find life-threatening vulnerabilities in Austrian ski lift control unit

Serious Vulnerabilities Identified in Austrian Ski Lifts Control System Can Disrupt its Operations- Researchers Claim.

The impact of last year’s hack attack on the internal network of Romantik Seehotel Jaegerwirt, the famous 111-year-old 4-star Austrian hotel, is still far from over. In that particular incident guests at the hotel couldn’t enter their rooms because the electronic key lock system was also hacked along with other systems at the hotel such as the reservations system.

The investigation revealed that hackers had installed malicious ransomware on the computers responsible for running the entire system of the hotel. Having no other choice, the hotel management paid the ransom and guests were finally able to breathe a sigh of relief.

Austria is in the news yet again bringing along echoes from the past. According to the findings of white-hat hackers Sebastian Neef and Tim Philipp Schäfers, the gondola lift operating at the Patscherkofel ski area in Austria is vulnerable to life-threatening hacking attacks.

Neef and Schäfers claim that the flaw is so serious it can lead to affecting the entire lift operating system installed at the ski area. The researcher duo managed to remotely access the ski lift system’s control unit. They identified that it was possible to start/stop/reverse the lifts because they could access the control unit. It was also possible to make changes in the safety distance parameters between lifts.

The lift was manufactured by the leading ropeways, ski lifts, and cable cars manufacturer in the world, the Dopplmayr/Garaventa group. The company boasts the “superlative safety level” of their products on its website, but the recently identified flaw points out that it is easier said than done.

Researchers shared a screenshot of the control unit, which is identical to the screenshot uploaded by the manufacturer on its website. Given that it was a serious issue, researchers notified the manufacturer immediately and the flaw has been fixed now.

Hackers find life-threatening vulnerabilities in Austrian ski lifts control system
Screenshot shared by hackers (left) – Screenshot on the manufacturer’s website (right).

The company also released a statement acknowledging the mistake on their part: “This was a mistake on our part and we changed that immediately when the operator informed us. It is important that the safety of passengers at no time was compromised.”

In an interview, researchers explained about their findings in detail. Here is an excerpt:

When asked about how they pulled off such a feat, Schäfers said that: “The control of the Patscherkofelbahn was accessible via a web interface unencrypted and without the need for authentication via the internet.”

“However, we do not have a corresponding check on the effect that a click on a button within the web interface would have had, since such access would be illegal under current law, in our opinion, dangerous,” the duo added.

The National Computer Emergency Response Team of Austria (CERT) has been informed and it has decided to halt the operations of the lift until a reliable security system is ensured.

Imagine what could have happened if the vulnerability wasn’t identified by white-hat hackers but cybercriminals?

Image credit: Depositphotos

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.