"Critical Infrastructure Systems Are Vulnerable to a New Kind of Cyberattack"

Researchers at the Georgia Institute of Technology have discovered a way to take over computers that control infrastructure and industrial systems. Programmable Logic Controllers (PLCs) increasingly include embedded web servers and can be accessed on-site using web browsers. Attackers can use this method to gain complete access to the system. Such access could allow them to make motors spin out of control, turn off power relays or water pumps, disrupt Internet or telephone communication, or steal sensitive information. They could also launch or disrupt weapons. The researchers delved into web-based PLC malware that could provide complete device and physical process control. They developed an approach that is easier to execute than typical attacks on industrial or infrastructure systems. It is difficult to detect, with the ability to erase all traces of its presence. In addition, it is persistent because the malware can resurrect itself if operators detect malfunctions and reset controllers or replace hardware. This article continues to discuss the research on compromising industrial processes using web-based PLC malware.

Georgia Tech reports "Critical Infrastructure Systems Are Vulnerable to a New Kind of Cyberattack"

Submitted by grigby1