cottagewood
Member
Has anybody experienced having their PLC hacked,
We recently finished a machine refurb in Latin america, we provided them with an HMS lan/wan modem so that we could support them. Despite it being part of the agreement they dragged their heels in connecting it and after we left site, sure enough, they needed support but the mode still wasn't connected.Using Teamviewer they wanted us to load our program on to their laptop which had TIA portal on it citing that the modem the secure. However, I became suspicious of them and refused any other method than vpn. After a standoff of a couple of days they relented and connected the modem.
As soon as I went on line I could see the PLC program didn't match the one I'd left. On uploading the PLC, apart from 1 FC every block was deleted, all the DBs OBs and FCs. The PLC password and the Knowhow password on the block that was left were still the same as the ones I'd set.
Once I pointed this out to them and asked for an explanation they disconnected the modem. Several days later they emailed to say that there had been a network connection problem and they cycled the power and hey ho, the machine was all working again and them trying to say the program was never tampered with.
I suspect they tried to copy the memory card and have either succeeded or put back the original one.
A colleague told me there are ways to circumvent the Know how protection and a friend who works in the paper industry told me that all manufacturers have a backdoor method of getting round passwords albeit this not being public knowledge. Certainly in the UK Siemens would tell you there is no method to get round the password other than deleting the memory card. I suspect in the country where this machine is, there may be a less than scrupulous agent assisting them.
We recently finished a machine refurb in Latin america, we provided them with an HMS lan/wan modem so that we could support them. Despite it being part of the agreement they dragged their heels in connecting it and after we left site, sure enough, they needed support but the mode still wasn't connected.Using Teamviewer they wanted us to load our program on to their laptop which had TIA portal on it citing that the modem the secure. However, I became suspicious of them and refused any other method than vpn. After a standoff of a couple of days they relented and connected the modem.
As soon as I went on line I could see the PLC program didn't match the one I'd left. On uploading the PLC, apart from 1 FC every block was deleted, all the DBs OBs and FCs. The PLC password and the Knowhow password on the block that was left were still the same as the ones I'd set.
Once I pointed this out to them and asked for an explanation they disconnected the modem. Several days later they emailed to say that there had been a network connection problem and they cycled the power and hey ho, the machine was all working again and them trying to say the program was never tampered with.
I suspect they tried to copy the memory card and have either succeeded or put back the original one.
A colleague told me there are ways to circumvent the Know how protection and a friend who works in the paper industry told me that all manufacturers have a backdoor method of getting round passwords albeit this not being public knowledge. Certainly in the UK Siemens would tell you there is no method to get round the password other than deleting the memory card. I suspect in the country where this machine is, there may be a less than scrupulous agent assisting them.
