Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors.
I’ve not worked with infrastructure PLCs but have some familiarity with industrial PLCs.
The mode switch probably actually is an effective countermeasure. It’s common to leave machinery in Setup Mode all the time as you can’t change the program or parameters in Run Mode. I.E. you usually trust your crew not poke buttons they shouldn’t. Only in large factories do you find Run Mode being used, even large shops often leaves it in Setup.
As to gateways and firewalls, the amount of machinery exposed rawdog to the entire interwebs is truly frightening. A lot of industrial equipment have exposed ports that are completely unsecured. Think RS-232 style comms that allow program and even parameter editing.
I would imagine that many sewage trearment facilities are even less technologically sophisticated than a medium size machine shop.
Yep that’s what I though, this looks like payback from that.
The Dark reading article seems to be quite detailed but isn’t very serious though. Near the end it suggest these countermeasures:
All I can offer is surprised Pikachu face.
I’ve not worked with infrastructure PLCs but have some familiarity with industrial PLCs.
The mode switch probably actually is an effective countermeasure. It’s common to leave machinery in Setup Mode all the time as you can’t change the program or parameters in Run Mode. I.E. you usually trust your crew not poke buttons they shouldn’t. Only in large factories do you find Run Mode being used, even large shops often leaves it in Setup.
As to gateways and firewalls, the amount of machinery exposed rawdog to the entire interwebs is truly frightening. A lot of industrial equipment have exposed ports that are completely unsecured. Think RS-232 style comms that allow program and even parameter editing.
I would imagine that many sewage trearment facilities are even less technologically sophisticated than a medium size machine shop.