Process Control Through Counterfeit Comms: Using and Abusing Built-In Functionality to Own a PLC

Presented at ShmooCon XV (2019), Jan. 19, 2019, noon (60 minutes)

Programmable Logic Controllers (PLCs) are devices that factories, office buildings, and utilities, among other facilities, use to control the processes running in their environment. These devices were designed to do their job and do it well; however, they were not built to protect against malicious actors. This talk walks through some of the vulnerabilities discovered while investigating a well-known PLC, discussing some of the methodologies used in discovery and showing how stringing together a few seemingly minor vulnerabilities can result in device takeover.


Presenters:

  • Jared Rittle
    Jared Rittle is a security researcher with Cisco Talos who spends his time focusing on the discovery, exploitation, and coverage of vulnerabilities in the embedded systems found in Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), and Internet of Things (IoT) devices. Jared’s background includes a couple college degrees as well as work in the private sector.
