According to this article from ThreatPost, a vulnerability has been found in the MicroLogix 1400 PLC systems that could allow an attacker to gain full control of affected equipment. I haven’t seen specifics on the vulnerability other than that it’s an undocumented configuration option that can grant full control of the device (no Proof of Concept code yet). Based on the list of possible applications for these devices (Material Handling, General Industrial Machinery, Brake / Clutch Control, etc.), it’s easy to understand how this could be a valuable target for an attacker.
Vulnerability assessments are a way to identify potential vulnerabilities, and penetration tests are a way to confirm whether a vulnerability can be exploited and, if so, the potential risk of the exploit. One of the key benefits of a vulnerability assessment or penetration test is that it gives the potential target an opportunity to see the potential vulnerabilities and patch them, or mitigate the risk they pose, before an attacker is able to exploit them.
In today’s hyper-connected world, security through obscurity is not sufficient, and relying on your vulnerabilities simply not being discovered (or not being exploited if they aren’t discovered) is irresponsible at best and illegal in many cases (PCI-DSS, HIPAA, etc.). If you do not have a preferred vendor for assessing your risk regarding Information Security (InfoSec) or Operational Security (OpSec), we would be happy to meet with your organization to assess and discuss your needs.
Misc / Errata
- Threatpost article – https://threatpost.com/undocumented-snmp-string-exposes-rockwell-plcs-to-remote-attacks/119865/
- What is SNMP – https://en.wikipedia.org/wiki/Simple_Network_Management_Protocol
- What is PLC – https://en.wikipedia.org/wiki/Programmable_logic_controller
- What is a MicroLogix 1400 PLC System – http://ab.rockwellautomation.com/Programmable-Controllers/MicroLogix-1400#applications
- What is PCI-DSS – https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard
- What is HIPAA – https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act