Source |
CSO |
Identifiant |
6359408 |
Date de publication |
2022-08-16 14:11:00 (vue: 2022-08-16 22:05:37) |
Titre |
"Evil PLC Attack" weaponizes PLCs to infect engineering workstations |
Texte |
Most attack scenarios against industrial installations, whether in manufacturing or in critical infrastructure, focus on compromising programmable logic controllers (PLCs) to tamper with the physical processes they control and automate. One way to get malicious code running on PLCs is to first compromise a workstation that engineers use to manage and deploy programs on them, but this can be a two-way street: A hijacked PLC can also be used to compromise engineering workstations, and this opens the door to powerful lateral movement attacks.In a new paper released over the weekend, researchers from industrial control systems (ICS) cybersecurity firm Claroty documented proof-of-concept "Evil PLC Attacks" against engineering software from seven ICS manufacturers: Rockwell Automation, Schneider Electric, GE, B&R, Xinje, OVARRO, and Emerson.To read this article in full, please click here |
Envoyé |
Oui |
Condensat |
against also article attack attacks automate automation b&r but can claroty click code compromise compromising concept control controllers critical cybersecurity deploy documented door electric emerson engineering engineers evil firm first focus from full get here hijacked ics industrial infect infrastructure installations lateral logic malicious manage manufacturers: manufacturing most movement new one opens ovarro over paper physical plc plcs please powerful processes programmable programs proof read released researchers rockwell running scenarios schneider seven software street: systems tamper them two use used way weaponizes weekend whether workstation workstations xinje |
Tags |
|
Stories |
|
Notes |
|
Move |
|