"Web-Based PLC Malware: A New Potential Threat to Critical Infrastructure"

Researchers from Georgia Tech's College of Engineering developed web-based Programmable Logic Controller (PLC) malware capable of targeting most PLCs from major manufacturers. Their web-based PLC malware resides in PLC memory but is eventually executed client-side by different browser-equipped devices in the ICS environment. The researchers explained that the malware then uses ambient browser-based credentials to interact with the PLC's legitimate web Application Programming Interfaces (APIs) in order to attack the underlying real-world machinery. This article continues to discuss the concept of PLCs and the researchers' web-based PLC malware.

Help Net Security reports "Web-Based PLC Malware: A New Potential Threat to Critical Infrastructure"

Submitted by grigby1