Ransomware May Pose a Threat to Industrial Process Controllers

14 February 2017

Could ransomware take over control of programmable logic controllers (PLCs) that manage industrial systems?

Researchers at Georgia Tech developed a form of ransomware that did just that, taking over a simulated water treatment plant and causing damage.

Although few if any industrial systems have been targeted, the team says that it’s only a matter of time before such attacks happen. Attackers have already accessed patient data in hospitals and customer data in businesses. Many control systems lack robust security protocols, leaving them vulnerable to invasion and compromise.

The researchers set out to demonstrate vulnerabilities that systems operators ignore, often because they wrongly believe that their systems are not accessible to outside networks. Access can come through back doors installed to allow system maintenance, for example.

To kick off the project, the team built a mock-up of a water treatment system. They identified some common PLCs and obtained three different devices, testing their password protection and susceptibility to settings changes. The controllers were incorporated into the mock-up, which used iodine and starch to indicate when a software invader successfully attacked and added more chlorine—the iodine—to the water supply.

Demonstrating the small systems’ vulnerability is intended to alert industrial systems’ owners to the real vulnerabilities in these systems. The researchers pointed out that system operators can take simple steps, like password protection and limiting network access, to improve security. Intrusion monitoring systems should also be incorporated to provide additional protection.

To contact the author of this article, email engineering360editors@ieeeglobalspec.com

Powered by CR4, the Engineering Community

Discussion – 2 comments

By posting a comment you confirm that you have read and accept our Posting Rules and Terms of Use.
Re: Ransomware May Pose a Threat to Industrial Process Controllers
2017-Feb-14 11:20 PM

The best way to fight ransomware is frequent backups to alternating hard drives ("ring buffering").

Even if someone broke into my systems and locked it up, so what?

I'll just swap out my hard drive and reboot. I'm back in business in a couple of minutes, and I have the other drive intact for forensics.

Re: Ransomware May Pose a Threat to Industrial Process Controllers
2017-Feb-24 10:43 AM

I might be missing something here but why is anyone putting something so vital as power and water plants on something so vulnerable as the internet?

Engineering Newsletter Signup
Get the Engineering360
Stay up to date on:
Our flagship newsletter covers all the technologies engineers need for new product development across disciplines and industries.

Upcoming Events