Hi Paul,
One of my customers does it with a MicroLogix 1100, so I am sure he can do it with a CLX or any other AB that is on the Ethernet network.
That is part of his demo... he sets up one of my trainers at his customer's site, then hacks into their network and changes the PLC program; this is with their firewall and security in place.
I also made him an S7 300 and S7 1200 that he does the same with.
To what extent does he change the program? And to what extent is he able to cover up his mischief? Can simply going online identify that the running program is not the same?
I read the article; I thought it was an extremely good read. It did actually comfort me, as odd as that seems. It did so because of how specific the system had to be for it to be effective. On top of that, because of the minor glitches it caused, it made it a headache for their maintenance to actually find the root cause of, and therefore get rid of. They were able to cover their tracks because they knew the specifics of the system they were running. They knew what they had to look for to consider the system a "target".
Because of the specifics, I know this is not a threat to any production system other than its target.
Certainly this does pose a threat to control systems; however, what is the motivation? How much effort do you put in to cover your tracks? It's one thing to write a program and download it to some unknown controller and cause a plant shutdown (yes, I realize that for process-critical operations such as oil, gas, and power this is a true security threat). But for other manufacturing/production operations this type of breach would be easy to find by maintenance and easy to fix. Sure, production time is lost, and it hurts a company, but who would really know about it? Any ex-employee could plant code "bombs" and cause the same problems. I would think former employees would be the people with the motivation, not someone unknown to the process, who wouldn't know the full extent of their hacking... Now, if they could take down multiple controllers at a facility and create extended downtime, that certainly raises the eyebrows higher, but again, how does the end hacker see their reward?
It is certainly a topic that will grow, and people should keep educated as to what is out there, but at the end of the day there are hundreds of other threats a facility faces each day (power outages, ID10T, hardware malfunctions, management...) which are more likely to cause a dangerous or shutdown situation than a hacker.