The Latest in IT Security

Hacking the PLC via Its Engineering Software

07
Aug
2020
Hacking the PLC via Its Engineering Software

image credit: piqsels

Attackers don’t need to directly hack into a programmable logic controller (PLC) to wreak havoc on an industrial process: they can target its configuration files and pivot from there.

Researchers over the past year have been exposing easily exploitable holes in the so-called project files that reside in industrial control system (ICS) software for PLCs. Nadav Erez, research team lead at Claroty, will demonstrate at DEF CON today one such attack on a PLC project file, that of Phoenix Contact’s PLCnext Engineer software, which engineers use to configure the vendor’s PLC. Phoenix Contact’s vulnerable project file software, which was recently patched, is the latest in a series of such software programs from PLC vendors patched for flaws, including Mitsubishi, Rockwell, Schneider, and Siemens.

Read More

Comments are closed.

Categories

THURSDAY, MARCH 28, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments