Should all those who use Siemens PLCs panic? Absolutely not. Security tests revealed serious vulnerabilities in the chips of the S7-1500 series of controllers, but the manufacturer itself very quickly took the necessary measures to resolve the problem.
Table of Contents
What is it actually about? About research conducted by Red Balloon Security, which revealed a whole lot of various vulnerabilities that make these controllers extremely vulnerable to external attacks.
A serious problem
These problems primarily relate to cryptographic authentication in the chips from the Siemens S7-1500 family of industrial controllers, as well as devices that are associated with them.
Researchers dealing with the subject conducted a number of tests that showed that if someone wanted to modify the code or make changes to the data plane after bypassing the security measures, they would have no problems with it.
Someone who would try his hand, could generate encrypted system software with little effort - each one that could be run from the S7-1500 CPU module.
Interestingly, the examination of Red Balloon Security specialists lasted for over a year, and any irregularities were reported to the manufacturer on an ongoing basis.
What did the producer do?
Siemens, of course, treated the matter as a priority and officially notified about the vulnerabilities, of which as many as 120 were found in total. The company immediately went into action and in the new hardware versions of the S7-1500 family security problems were fixed.
But that's not all. The above-mentioned specialists who diagnosed the problem also developed a special tool that will allow owners and users of PLC controllers of the mentioned series of threats, and thus check whether the most vulnerable devices do not have compromised security structures.
Foto: https://www.freepik.com/free-photo/factory-worker-monitoring-industrial-machines-production-remotely-control-room_11030700.htm#query=plc&position=0&from_view=search&track=sph / Image by aleksandarlittlewolf / on Freepik
