PLCs Exploited by “Evil PLC Attack” to Breach Networks

PLCs can be weaponized in a novel attack to take advantage of engineering workstations and then infiltrate OT and enterprise networks.
The “Evil PLC Attack” was developed by the Team82 group of Claroty, and it targets engineers who work on industrial networks, configure, and troubleshoot PLCs. Rockwell Automation, Schneider Electric, GE, B&R, Xinje, OVARRO, and Emerson engineering workstation software are all impacted by the problem.
Security experts claim that the research produced functional proof-of-concept vulnerabilities for seven of the industry’s top automation businesses, including Rockwell Automation, Schneider Electric, GE, B&R, XINJE, OVARRO, and Emerson.
Industrial gadgets that regulate production processes in essential infrastructure areas must include programmable logic controllers. PLCs are set up to start and halt processes, as well as to produce alarms, in addition to orchestrating the automation activities.
It is therefore not unexpected that PLCs have been the target of sophisticated attacks for more than a decade, starting with Stuxnet and continuing with PIPEDREAM aka INCONTROLLER, with the intention of causing physical outages.
The attack method  
  • Initially skeptical engineers connect to the compromised PLC using the engineering workstation software as a diagnostic tool after an opportunistic adversary purposefully causes a problem on an internet-exposed PLC.
  • When an engineer perf

    […]
    Content was cut in order to protect the source.Please visit the source for the rest of the article.

    This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

    Read the original article: