Security News > 2021 > July > Industrial Networks Exposed Through Cloud-Based Operational Tech

Industrial Networks Exposed Through Cloud-Based Operational Tech
2021-07-22 17:46

OT engineers using Automation Server can download logic and configure their PLCs through the cloud-based Automation Server management console.

WAGO PFC100/200 meanwhile is a series of PLCs that make heavy use of the CODESYS runtime, and most of the communication, configuration and programming of these PLCs is done through the CODESYS platform.

"And the reverse is also true: Weaknesses in the cloud platform and its peripherals can put an attacker in the driver's seat for uncontrolled access to field devices and industrial processes."

In one proof-of-concept, they were able to modify a CODESYS Package Designer package to retrieve a user's cloud credentials; the attack involves socially engineering a logged-in user to install it.

"Team82's latest research was motivated by the reality that organizations in the Industry 4.0 era are incorporating cloud technology into their OT and industrial internet of things for simplified management, better business continuity and improved performance analytics," Amir Preminger, vice president of research, at Claroty said.

May's crippling ransomware attack on the Colonial Pipeline impacted the OT level, for example, interrupting fuel supplies to most of the East Coast of the U.S. Just last week, Schneider Electric programmable logic controllers used in manufacturing, building automation and healthcare, were reported to have vulnerabilities that allowed attackers to gain root-level control.


News URL

https://threatpost.com/industrial-networks-exposed-cloud-operational-tech/168024/