Cybersecurity researchers have elaborated a novel attack technique that weaponizes programmable logic controllers (PLCs) to gain an initial foothold in engineering workstations and subsequently invade the operational technology (OT) networks.
Dubbed “Evil PLC” attack by industrial security firm Claroty, the issue impacts engineering workstation software from Rockwell Automation, Schneider Electric, GE, B&R, Xinje, OVARRO, and Emerson.
Programmable logic controllers are a crucial component of industrial devices that control manufacturing processes in critical infrastructure sectors. PLCs, besides orchestrating the automation tasks, are also configured to start and stop processes and generate alarms.
It’s hence not surprising that the entrenched access provided by PLCs have made the machines a focus of sophisticated attacks for more than a decade, starting from Stuxnet to PIPEDREAM (aka INCONTROLLER), with the goal of causing physical disruptions.