You are not registered yet. Please click here to register!


 
 
plc storereviewsdownloads
This board is for PLC Related Q&A ONLY. Please DON'T use it for advertising, etc.
 
Try our online PLC Simulator- FREE.  Click here now to try it.

---------->>>>>Get FREE PLC Programming Tips

New Here? Please read this important info!!!


Go Back   PLCS.net - Interactive Q & A > PLCS.net - Interactive Q & A > LIVE PLC Questions And Answers

PLC training tools sale

Reply
 
Thread Tools Display Modes
Old July 11th, 2018, 10:28 AM   #16
Paully's5.0
Lifetime Supporting Member
United States

Paully's5.0 is offline
 
Join Date: Jan 2006
Location: WI
Posts: 2,040
Quote:
Originally Posted by BryanG View Post
...but we are putting a lot of time in to worrying about something that doesn't seem to be happening much.
I don't think anyone is panicking about the direct impacts, IMHO it is more about awareness and the indirect response. Given the rise of ransomware and real-world examples of ICS attacks you can no longer go into a facility and tell the management team - "The ICS computers require Windows 7, you can't apply Windows updates after it's commissioned, full administrator level access is required across the board, the ICS network needs to be isolated, BUT we need VPN access for remote support..."

It's just full of holes.
  Reply With Quote
Old July 11th, 2018, 10:37 AM   #17
dmargineau
Lifetime Supporting Member
United States

dmargineau is offline
 
dmargineau's Avatar
 
Join Date: Dec 2011
Location: Midwest
Posts: 2,385
When sufficient means are available any given system is vulnerable to attacks... The Cat-and-Mouse game had been going on since economic and/or political competition existed and will not cease until said competition becomes history...Never that is...

It is always a matter of minimizing damages...
  Reply With Quote
Old July 11th, 2018, 10:37 AM   #18
AustralIan
Member
United Kingdom

AustralIan is offline
 
Join Date: Jan 2013
Location: UK
Posts: 763
Quote:
Originally Posted by BryanG View Post
Just to give a different view because I like to be awkward.

How many threads do we have here where we discuss the possibilities and Stuxnet (61 threads that mention Stuxnet). How many threads where a member has actually discovered a worm or virus in their PLC systems, I don't actually remember one. I am sure someone will point me to a thread to prove me wrong, but we are putting a lot of time in to worrying about something that doesn't seem to be happening much. I am not saying we shouldn't be secure, but maybe don't close the concrete bunker lid quite yet. If you are running a power or water purification plant perhaps some paranoia is justified, but average Joe using a PLC to run his dust extraction system is probably OK.
http://www.plctalk.net/qanda/showthread.php?t=112082
  Reply With Quote
Old July 11th, 2018, 11:09 AM   #19
harryting
Lifetime Supporting Member
United States

harryting is offline
 
harryting's Avatar
 
Join Date: May 2002
Location: Puget Sound
Posts: 1,823
Quote:
Originally Posted by BryanG View Post
Just to give a different view because I like to be awkward.

How many threads do we have here where we discuss the possibilities and Stuxnet (61 threads that mention Stuxnet). How many threads where a member has actually discovered a worm or virus in their PLC systems,
Speaking of awkward.. I can't say what I want to say in this forum but I'll just say that it really happens and it involves some of the biggest names you heard of. And no, you won't find it on Google.

Think like the "bad guy" for a brief minutes or two. I'm sure everyone here can penetrate a system with a bit of effort and there are people there

It's not about being paranoid. Just being aware. After all, how many people you know gets run over on the highway. We are just simply being aware not to run across 8 lanes of traffic going at 60+ MPH. Being aware doesn't mean a lot of $ or effort.
  Reply With Quote
Old July 11th, 2018, 12:42 PM   #20
BryanG
Member
United Kingdom

BryanG is offline
 
Join Date: Feb 2005
Location: Manchester
Posts: 1,267
Quote:
http://www.plctalk.net/qanda/showthread.php?t=112082
I told you someone would find one, but to be fair connecting a device direct to an open port on the internet, you really get what you deserve. So I am not going to include this one.

Quote:
Speaking of awkward.. I can't say what I want to say in this forum
Not sure what the anger is about. I didn't say it never happens, just that we talk about it a lot more than it actually happens. I appreciate that companies don't always report attacks and more shame on that, it is only with accurate data that we can know the risk. I do think that the anonymity here would allow people to tell when they had a problem, which brings me back to the 61 threads talking about Stuxnet and the 'almost' none mentioning actual attacks.
__________________
Knowledge is power, share the knowledge.
  Reply With Quote
Old July 11th, 2018, 12:55 PM   #21
cardosocea
Member
United Kingdom

cardosocea is offline
 
Join Date: Nov 2016
Location: Fields of corn
Posts: 969
Quote:
Originally Posted by BryanG View Post
Not sure what the anger is about. I didn't say it never happens, just that we talk about it a lot more than it actually happens. I appreciate that companies don't always report attacks and more shame on that, it is only with accurate data that we can know the risk. I do think that the anonymity here would allow people to tell when they had a problem, which brings me back to the 61 threads talking about Stuxnet and the 'almost' none mentioning actual attacks.

I had a colleague of mine discover one offshore Australia back in 2011. The software he was looking into had been a standard format for years and when he plugged in his laptop (which was not infected) he noticed some weird blocks.

It didn't affect the system as none of the addresses Stuxnet looked for were available in the system... He opened the project in the local engineering station and the funny blocks weren't there.



Disconnected the Engineering Station, re-imaged the drive, reset the PLC to factory condition, download software again and that was it.
  Reply With Quote
Old July 11th, 2018, 03:05 PM   #22
harryting
Lifetime Supporting Member
United States

harryting is offline
 
harryting's Avatar
 
Join Date: May 2002
Location: Puget Sound
Posts: 1,823
Quote:
Originally Posted by BryanG View Post

Not sure what the anger is about. .
?! sorry, i just laughed. Such as the problem with my posting sometime. I meant to say that I can't put down any detail of an actual case of an ICS infection I have first hand knowledge on, not that I want to say something untoward to you.

No anger here, just some frustration dealing with compliance and IT sometimes. Truth is, most people deal with small non critical system that cyber-security isn't a big deal as long as you can recover from it.
  Reply With Quote
Reply
Jump to Live PLC Question and Answer Forum

Bookmarks


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Topics
Thread Thread Starter Forum Replies Last Post
Add 30 days to time/date stamp hackj0632 LIVE PLC Questions And Answers 1 August 17th, 2015 03:57 PM
Panelview Plus with DH+ module stops communicating after a few days Bill Sikorski LIVE PLC Questions And Answers 2 February 6th, 2015 09:19 PM
OT: Way OT geniusintraining LIVE PLC Questions And Answers 25 June 17th, 2010 02:28 AM
OT: Ireland (way OT) sapoleon LIVE PLC Questions And Answers 8 September 19th, 2007 09:39 AM
Siemens S7 Julian Date Conversion Formula Mike Graham LIVE PLC Questions And Answers 7 June 6th, 2005 01:18 PM


All times are GMT -5. The time now is 05:14 PM.


.