Critical security flaw found in control systems of several hospitals and supermarket chains

• Research study exposed a security flaw existing in temperature control systems manufactured by Resource Data Management.
• Many popular names that incorporate these control systems include Marks & Spencer, Ocado & Way-on.

Resource Data Management (RDM), a Scottish firm engaged in providing remote monitoring solutions, was found to have security loopholes in its temperature control systems (TCS).

According to security researchers Noam Rotem and Ran L who conducted a detailed analysis, there may be thousands of organizations using these systems affected by the security vulnerabilities.

Hospitals and supermarket chains including Marks & Spencer, Ocado, and Way-on, use TCS built by RDM. From the report, it is evident that these systems use unsecured HTTP protocol and the 9000 port (or sometimes 8080, 8100, or even simply 80).

On top of this, all of them had default usernames and passwords, which are left unchanged by administrators. Thus, anyone with the right URL could easily access these systems.

Thousands of vulnerable systems

The researchers warned about the number of vulnerable system stating, "A basic scan reveals hundreds of installations in the UK, Australia, Israel, Germany, the Netherlands, Malaysia, Iceland, and many other countries around the world. As each installation has dozens of machines under it, we’re looking at many thousands of vulnerable machines."

The researchers found over 7,000 installations with vulnerabilities through Shodan. The scary part is some of the devices installed with these control systems could even be found by a Google search.

In their research, Rotem and Ran also demonstrated how RDM-made control systems in a hospital as well as a supermarket, could be easily accessed. All they had to do was find the device URL and input the default username and password combination. Similarly, they even got into systems of Marks and Spencer and other companies from Italy, Germany, and Malaysia.

Change the credentials

Meanwhile, Rotem and Ran informed RDM of these security issues. However, the company first fended off the researchers without showing interest in the incident but later responded saying that they have no control over how their customer configure their TCS installations.

Furthermore, RDM has notified of an update to resolve this issue and has urged user admins to change default credentials in TCS.