The increasing prevalence of programmable logic controllers (PLCs) featuring embedded web servers has opened avenues for potential catastrophic remote attacks on operational technology (OT) within industrial control systems (ICS) in critical infrastructure sectors.
Researchers from the Georgia Institute of Technology have developed malware that could enable adversaries to remotely access embedded web servers in PLCs, potentially leading to manipulation of output signals, falsification of sensor readings, disabling safety systems, and other actions with severe consequences, including loss of life.
PLCs are integral components of ICS, responsible for controlling physical processes and machinery in manufacturing, industrial, and critical infrastructure settings.
Malware targeting PLCs typically aims to disrupt or sabotage the physical processes they control.
The newly developed web-based PLC malware differs fundamentally from traditional PLC malware. Unlike previous versions that required prior physical or network access, the web-based malware attacks the front-end web layer in PLCs using malicious JavaScript.
This approach eliminates some limitations faced by previous malicious code, providing advantages such as platform independence, ease of deployment, and higher levels of persistence.
Historically, PLC malware-infected firmware or control logic, requires specific access or is easily erasable via factory resets.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: