Lord Farquaad
Member
I have a weird question, or at least I think so. It is not something I would do, and I have never met people that would do things like this. I don't even protect FBs and routines that I write.
A bit of background:
I have a friend who works for a big engineering company. He is a project manager(Mechanical background). They have a warranty issue with one of their suppliers. The supplier did the PLC and SCADA system for the project. So, instead of waiting for the warranty issue to be resolved, the supplier demanded immediate payment, although the contract states they have no right to full payment until the job has been signed off. When this request for full payment was refused, said supplier made a claim that they pre-installed malware and this would be activated if payment is not forthcoming.
My friend then asked me if I could look into the PLC and SCADA software to see if there is anything weird in the code. I have no experience with Mitsubishi, but from what I can see, these guys are bluffing. The PLC is coded with GX Works3 and the SCADA with GT Designer. The PLC is a FX5U-32MR/ES connected to a GS2110-WTBD HMI Panel. None connected to the internet.
First of all, I think the malware claim is BS. But they might have put some timed trigger in the program somewhere, which at first glance, I can't see. But lets assume these guys knew beforehand that they are going to screw up and had to put something in the program to extort money,how would they have gone about it?
As this is not something that has ever crossed my mind to do, I have no idea where to start looking. How would someone go about this in a Mitsubishi PLC and HMI?
A bit of background:
I have a friend who works for a big engineering company. He is a project manager(Mechanical background). They have a warranty issue with one of their suppliers. The supplier did the PLC and SCADA system for the project. So, instead of waiting for the warranty issue to be resolved, the supplier demanded immediate payment, although the contract states they have no right to full payment until the job has been signed off. When this request for full payment was refused, said supplier made a claim that they pre-installed malware and this would be activated if payment is not forthcoming.
My friend then asked me if I could look into the PLC and SCADA software to see if there is anything weird in the code. I have no experience with Mitsubishi, but from what I can see, these guys are bluffing. The PLC is coded with GX Works3 and the SCADA with GT Designer. The PLC is a FX5U-32MR/ES connected to a GS2110-WTBD HMI Panel. None connected to the internet.
First of all, I think the malware claim is BS. But they might have put some timed trigger in the program somewhere, which at first glance, I can't see. But lets assume these guys knew beforehand that they are going to screw up and had to put something in the program to extort money,how would they have gone about it?
As this is not something that has ever crossed my mind to do, I have no idea where to start looking. How would someone go about this in a Mitsubishi PLC and HMI?
Last edited: