13

Wired reports that there are many security issues with Programmable Logic Controllers (PLCs) and now there is an easy-to-use tool to scan and detect vulnerabilities.

They say it's so easy, the update for Metasploit makes it analogous to Firesheep for PLCs.

  • What must IT shops do to prevent attack?

  • If the PLC controllers are not on the network, or are isolated, should we still be concerned?

  • If an IT shop has no PLCs in the course of business (manufacturing, etc.), are the HVAC systems of the datacenter or door/access control systems vulnerable?

1
  • I think it's bad news bears :-\ I think we (humanity as a whole) are about to experience a new kind of situation, the moment a virtual event consequently affects physical life. It's been vulnerable for years, and trust me, every government's got their hands all over it.
    – user7060
    Commented Jan 20, 2012 at 4:52

1 Answer

9

This just brings into the public eye something which has been happening for ages: everything is vulnerable. SCADA kit used to be safer as it generally wasn't connected directly to public networks and was considered obscure; however, the targets are juicy and the security levels generally pitifully low, so attackers have always researched ways to exploit them.

The broad concepts to prevent attack are the same as for anything else:

  • segregate networks with access control devices (routers, firewalls etc)
  • secure communication links (encryption, authentication, and yes, removable media!)
  • harden platforms and applications
  • review code
  • penetration testing

In respect to your sub-questions:

  • If the PLCs are not connected (and you can confirm this) then they can't be attacked through a connection. However, most are connected through some type of link, so assume that link is the attack conduit.
  • PLCs are a specific area for this Metasploit update; however, you should generally assume any system has vulnerabilities and plan accordingly based on your risk appetite.
5
  • Stuxnet was spread through USB sticks. Isolated networks did not seem to help much for Iran...
    Commented Jan 20, 2012 at 8:52
  • 2
    You see my point about not connected - those were connected via those USB sticks. This is the problem, and why I raised the point specifically.
    – Rory Alsop
    Commented Jan 20, 2012 at 9:22
  • Comparing this Metasploit update with Stuxnet is like comparing a Lada to a Bugatti Veyron. Stuxnet had a lot more bells and whistles. It was not a SCADA exploit that made the spread possible, but rather more than 10 zero-day exploits on Windows.
    Commented Jan 20, 2012 at 9:24
  • 1
    Also, I agree with Rory, you can easily close all USB ports with epoxy.
    Commented Jan 20, 2012 at 9:26
  • Four zero day exploits. Refs: zdnet.com/blog/security/… and en.wikipedia.org/wiki/Stuxnet#Windows_infection ; signed drivers blogs.technet.com/b/mmpc/archive/2010/07/16/… and other vectors. Stuxnet was very much a kitchen-sink shot at SCADA systems.
    – TristanK
    Commented Jan 20, 2012 at 11:04
