Compromising Industrial Processes using Web-Based Programmable Logic Controller Malware
Ryan Pickren
Network and Distributed System Security (NDSS) Symposium 2024 · Day 3 · Network Infrastructure
This article delves into a groundbreaking security talk presented by Ryan Pickren, which introduces a novel and highly effective method for developing **Programmable Logic Controller (PLC) malware**. Termed **Web-Based PLC Malware (WB PLC malware)**, this new approach fundamentally shifts the attack surface for industrial control systems (ICS) by exclusively targeting the web applications hosted on embedded webservers within modern PLCs. Unlike traditional PLC malware, which focuses on control logic or firmware, WB PLC malware leverages legitimate web application program interfaces (APIs) exposed by these admin portals to stealthily manipulate real-world machinery.