Rockwell hack attack on a ControlLogix

Looks legit.
VxWorks (or VxNotWorks) is really widespread so vulnerabilities like these have great impact.


I checked some of the manufacturers bulletins and for ABB one of the products was 800xA, the high end DCS system with a wide user base in alot of industry but most critically in heat and power generation - that is not good.
 
jdbrandt said:
How is this NOT in the news?
Click to expand...

I don't think there are confirmed attack yet. It will take quite a bit more work to develop it into an attack package like Stuxnet and it will also require physical access for vast majority of control network. However, it's a matter of time. I doubt most end user would replace their systems just to avoid this specific issue.
 
I am just confused over the term "ethical hacking"

Apparently it is mainstream and widespread, but do those two words go together ?

"Hacking", in my vocabulary, means doing something you're no supposed to be doing, so how can it be ethical ?

Sure as eggs are eggs it's going to happen, just curious as to why it's called "ethical"
 
daba said:
I am just confused over the term "ethical hacking"

Apparently it is mainstream and widespread, but do those two words go together ?

"Hacking", in my vocabulary, means doing something you're no supposed to be doing, so how can it be ethical ?

Sure as eggs are eggs it's going to happen, just curious as to why it's called "ethical"
Click to expand...

They absolutely go together. Maybe the problems is your definition of hacking. I see hacking is doing something that the developer didn't intend for you to do, it has nothing to do with ethics or morals. Its ethical because the intention was to find a flaw, then let the developer know about the flaw so that the developer can find a way to protect against the hack.

An ethical hacker would let the developer know of a flaw so that others would not steal, an unethical hacker would steal, or sell the hack to people that would steal.
 
daba said:
I am just confused over the term "ethical hacking"

Apparently it is mainstream and widespread, but do those two words go together ?

"Hacking", in my vocabulary, means doing something you're no supposed to be doing, so how can it be ethical ?

Sure as eggs are eggs it's going to happen, just curious as to why it's called "ethical"
Click to expand...

To quote Wikipedia, "Originally, hacker simply meant advanced computer technology enthusiast (both hardware and software) and adherent of programming subculture"

For additional evidence, look at an early jargon file entry for hacker:
HACKER Originally, someone who makes furniture with an axe.
1. n. A person who is good at programming quickly. Not everything a hacker produces is a hack.
2. An expert at a particular program, example: "A SAIL hacker".
3. A malicious or inquisitive meddler who tries to discover information by poking around. Hence "keyword hacker", "network hacker".
Click to expand...

(The entry for 'hack' is also relevant, but long enough I won't quote it here)

In the 80s and 90s, mainstream media popularized the third definition and derived meanings, and as a result that has become the default (and often only) usage. Prior to that, the term was largely used as a compliment among computer enthusiasts.
 
daba said:
I am just confused over the term "ethical hacking"

Apparently it is mainstream and widespread, but do those two words go together ?

"Hacking", in my vocabulary, means doing something you're no supposed to be doing, so how can it be ethical ?

Sure as eggs are eggs it's going to happen, just curious as to why it's called "ethical"
Click to expand...

Hacking is manipulation. MacGuyver was a hacker.
Computer folks split it into two camps, White Hat and Black Hat. Good guys and bad guys.
White hat hackers find vulnerabilities so they can be fixed.
 

Similar Topics

B
Installing Rockwell Software
Hello all, I am an Industrial Electrician, and deal with a little bit of everything including PLC troubleshooting and programming. When I started...
Replies
3
Views
148
Operaghost
Operaghost
F
Rockwell PID to P_PIDE
I am working on a large migration of the standard PID instruction to the PlantPAx P_PIDE. Has anyone done a migration like this before and have a...
Replies
1
Views
162
FriedNickman
F
dalporto
Rockwell MVM Block
Hi all. What is the purpose of that block (MVM) when used with a 2#1111_1111_1111_1111 mask in that situation? I'm really hoping there is...
Replies
5
Views
167
drbitboy
drbitboy
K
Rockwell 1719 A24 Extension Rack
Customer is adding an extension rack to an existing A22. They wired and powered it up, I configured the new cards in the PLC starting from slot 23...
Replies
4
Views
148
JeffKiper
JeffKiper
S
Rockwell PLC Looses Connection Evrytime I reboot..
I have got an Rockwell PLC 1769-L36ERMS . I have assigned a IP address to it . But every-time I Reboot the PLC it looses Communication to my PC...
Replies
1
Views
113
Ken Roach
Ken Roach
Back
Top Bottom