Industrial Control Systems Threats
These guides will demonstrate the immediate need for a change in the way that non-security conscious Controls Systems Integrators access and install their equipment. There is a general gap in knowledge between Systems Integrators who are programming the PLC’s, HMI’s, and SCADA systems and their IT counterparts when dealing with new or updated systems at manufacturing facilities. The Integrators generally do not have the knowledge or mindset needed to set up a well secured system. Integrators usually are concerned only with being able to access the control devices (HMI’s, etc) remotely to alleviate additional trips onsite, which can be a costly endeavor over time, and to also provide quick support for their customers.
This approach has left many unprotected controls system devices wide open on the Internet available to anyone who would wish to misuse them. These systems can include critical infrastructure, school systems, manufacturing facilities, car washes, etc.
Follow the links below to view the full project pages. These guides are also available for direct download. on the sidebar.
(Future) Modicon M340 PLC Hacking Guide – Using Unity Pro XL
(Future) Allen-Bradley Panelview HMI Hacking Guide – Using PanelBuilder32