Simulated Ransomware Attack Shows Vulnerability of Industrial Controls
Cybersecurity researchers at the Georgia Institute of Technology have developed a new form of ransomware that was able to take over control of a simulated water treatment plant. After gaining access, the researchers were able to command programmable logic controllers (PLCs) to shut valves, increase the amount of chlorine added to water, and display false readings. The simulated attack was designed to highlight vulnerabilities in the control systems used to operate industrial facilities such as manufacturing plants, water and wastewater treatment facilities, and building management systems for controlling escalators, elevators and HVAC systems. Believed to be the first to demonstrate ransomware compromise of real PLCs.
“We are expecting ransomware to go one step farther, beyond the customer data to compromise the control systems themselves,” said David Formby, a Ph.D. student in the Georgia Tech School of Electrical and Computer Engineering. “That could allow attackers to hold hostage critical systems such as water treatment plants and manufacturing facilities. Compromising the programmable logic controllers (PLCs) in these systems is a next logical step for these attackers.”