M
M Griffin
In reply to David Ferguson: To correct something that you said, the PLC was not being "hacked". It was being re-programmed using the normal PLC commands which are present for that purpose. The computer however was being "hacked" by the virus, via security holes in MS Windows.
There is a very important difference between the two situations. There are many tens of thousands (hundreds of thousands?) of viruses which affect MS Windows. Viruses which affect anything else are extremely rare. While this particular virus is quite clever, the same sort of attack on PLCs (any brand of PLC) could be repeated using any run of the mill MS Windows virus. New MS Windows viruses come out all the time, so anyone who felt motivated could repeat this feat quite easily.
And to address another point that you stated:
> switching the OS will not change a thing, if
> they want in, they will get in, even if that
> means walking in and accessing the machine with
> the Linux software...........IT IS NOT THE
> SOFTWARE, it is the fact that there is software
> at all, instead of hard coded HARDWARE.......
Well, if as you said you're granting physical access, then they can indeed reprogram the hard coded hardware just as easily as they could the software. Of course they could just smash the machine up with a sledge hammer in that case too.
You can talk about all sorts of hypothetical situations, but I like to look at things from a practical point of view. Let's look at what is happening in the real world here. We don't have the Mission Impossible team rappelling through the skylights to plant a bug in our PLC programs. We have an MS Windows virus just like thousands of other MS Windows viruses except this one re-programs PLCs instead of stealing information or sending spam. It's just taking advantage of bugs and holes in MS Windows, just like all the other viruses.
From a practical point of view, we don't need to solve the global MS Windows virus problem. We just need to find a way to avoid being directly affected by it.
There is a very important difference between the two situations. There are many tens of thousands (hundreds of thousands?) of viruses which affect MS Windows. Viruses which affect anything else are extremely rare. While this particular virus is quite clever, the same sort of attack on PLCs (any brand of PLC) could be repeated using any run of the mill MS Windows virus. New MS Windows viruses come out all the time, so anyone who felt motivated could repeat this feat quite easily.
And to address another point that you stated:
> switching the OS will not change a thing, if
> they want in, they will get in, even if that
> means walking in and accessing the machine with
> the Linux software...........IT IS NOT THE
> SOFTWARE, it is the fact that there is software
> at all, instead of hard coded HARDWARE.......
Well, if as you said you're granting physical access, then they can indeed reprogram the hard coded hardware just as easily as they could the software. Of course they could just smash the machine up with a sledge hammer in that case too.
You can talk about all sorts of hypothetical situations, but I like to look at things from a practical point of view. Let's look at what is happening in the real world here. We don't have the Mission Impossible team rappelling through the skylights to plant a bug in our PLC programs. We have an MS Windows virus just like thousands of other MS Windows viruses except this one re-programs PLCs instead of stealing information or sending spam. It's just taking advantage of bugs and holes in MS Windows, just like all the other viruses.
From a practical point of view, we don't need to solve the global MS Windows virus problem. We just need to find a way to avoid being directly affected by it.