Web-based PLC malware: A new potential threat to critical infrastructure

A group of researchers from Georgia Tech’s College of Engineering have developed web-based programmable logic controller (PLC) malware able to target most PLCs produced by major manufacturers. “Our Web-Based (WB) PLC malware resides in PLC memory, but ultimately gets executed client-side by various browser-equipped devices throughout the ICS environment. From there, the malware uses ambient browser-based credentials to interact with the PLC’s legitimate web APIs to attack the underlying real-world machinery,” the researchers explained. What … More →

The post …

browser client client-side college controller critical critical infrastructure devices don't miss engineering environment georgia hot stuff ics infrastructure logic major malware manufacturers memory plc plcs research researchers scada target tech threat ultimately web web application security