Technology and gaming content trusted in North America and globally since 1999
8,587 Reviews & Articles | 67,031 News Posts

Researchers find and release new exploits to hijack critical infrastructure

Researchers have found two exploits that can easily shut down a factory or refinery.

By Trace Hagan on Apr 5, 2012 at 05:33 pm CDT - 0 mins, 52 secs reading time

Researchers have found and released two exploits that are similar to the Stuxnet worm that attacked nuclear centrifuges in Iran. These two exploits are capable of being used to damage critical infrastructure, such as refineries or factories. The exploits operate on the same piece of hardware, but have two different outcomes.

Researchers find and release new exploits to hijack critical infrastructure | TweakTown.com

The first method is just sending a "stop" command which causes the piece of hardware to stop its functions thus shutting down whatever the piece of hardware is responsible for doing. The second method is much more dangerous. Instead of just stopping or shutting down the factory, this exploit can be used to cause damage.

This exploit involves downloading the ladder logic that is currently on the PLC. It is analyzed so that it can be understood what the device is doing. A modified ladder logic is then uploaded which automatically overwrites the current logic on the device. Both exploits use the fact that the actual PLC device doesn't have any authentication. If you can talk to it, you can write to it.

Last updated: Nov 30, -0001 at 12:00 am CST

Trace Hagan

ABOUT THE AUTHOR - Trace Hagan

Trace is a starving college student studying Computer Science. He has a love of the English language and an addiction for new technology and speculation. When he's not writing, studying, or going to class, he can be found on the soccer pitch, both playing and coaching, or on the mountain snowboarding.

NEWS SOURCE:arstechnica.com

Related Tags