A proof of concept worm demonstrated at BlackHat Asia shows that the programmable logic controller (PLC) worm could be a disaster for power plants and other utilities. David Meltzer, Chief Research Officer for Tripwire provides an insight below.
David Meltzer, Chief Research Officer, Tripwire:
“This research shows how serious the risk is to industrial environments. While theoretically this could spread extremely quickly, organizations that follow good security practices can do much to mitigate these kinds of attacks today.”
Meltzer explains, “Industrial firewalls that implement IEC62443 guidelines segment networks into zones that would prevent PLCs from broadly communicating with each other. Following vendor recommendations for updating firmware revisions and securely configuring devices can also reduce the attack surface for these types of attacks. Although this is an important potential attack vector, the most likely system to be compromised in an industrial environment is still, like on IT systems, a Windows PC.”