Pillar to Post: Peter Welander's Blog
News and comment from Control Engineering process industries editor, Peter Welander
The world of IT comes to us, part 2
“If you can ping it, you can own it.”
In the new video that revisits the DePaul University cyber security class, we meet two new students, Ahmed and Eiyad. One of the great statements that I heard with reference to hacking PLCs, which unfortunately didn’t make it into the final edit, was from Ahmed. He said, “If you can ping it, you can own it.” Which is to say, if you can get through the network to the PLC, you can make it do whatever you want because the PLC has very little protection of its own.
There are ways to protect a vulnerable PLC by hardening the network, but as Alex pointed out, few network devices and switches allow you to use security measures such as RADIUS or TACACS. On the other hand, some do. If you’re looking at networking products, those are the ones you may want to look for.