IT disaster recovery, cloud computing and information security news

New attack method could target industrial control systems

Team82 has identified a novel attack that weaponizes programmable logic controllers (PLCs) in order to exploit engineering workstations. The method is being termed the ‘Evil PLC Attack’ by Team82.

The attack method could target engineers working every day on industrial networks, configuring and troubleshooting PLCs to ensure the safety and reliability of processes across critical industries such as utilities, electricity, water and wastewater, heavy industry, manufacturing, and automotive, among others.

PLCs have for more than a decade been the focus of advanced attacks. From Stuxnet to the recently uncovered Incontroller/Pipedream platform, threat actors try to reach and control PLCs in order to modify the processes they oversee, cause disruption, physical damage, and threaten personal safety. But what if an attacker was able to flip that scenario on its head and turn the PLC into the predator rather than the prey? What if there was a way to weaponize PLCs in order to exploit engineering workstations, the powerful platforms used to configure and maintain PLCs? These workstation applications are often a bridge between operational technology networks and corporate networks. An attacker who is able to compromise and exploit vulnerabilities in an engineering workstation could easily move onto the internal network, move laterally between systems, and gain further access to other PLCs and sensitive systems.

Team82’s Evil PLC Attack research resulted in working proof-of-concept for such an exploit against seven market-leading automation companies, including Rockwell Automation, Schneider Electric, GE, B&R, XINJE, OVARRO, and Emerson.

More details.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.