SCADA projects from the point of view of hackers

Almost all SCADA systems allow for project (or system configuration) files creation and have drafts of such projects delivered with the software. We have tested the possibility of making trojans based on such files and succeeded. If an attacker will somehow trick the ICS engineer to launch such trojan-project files it would lead to a SCADA system being hacked.

Such trojans are potentially hard to detect (not detected by modern SPAM filters), moreover, they can act in a stealth way.
We will illustrate this threat on LabView, ATVise, and IntegraXor SCADA software.

Yuriy Gurkin

Yuriy Gurkin has post graduated MIPT in 2003. Worked for several security firms and now is a CTO at Gleg ltd - small security firm, a provider and reseller of Penetration Testing software and addons.

Social sharing