Information warfare by proxy: Malware in PLC firmware
Document Type
Conference Proceeding
Publication Title
Proceedings of the 18th Australian Cyber Warfare Conference 2019
Publisher
Deakin University Centre for Cyber Security Research and Innovation
School
School of Science / ECU Security Research Institute
RAS ID
30919
Abstract
Attacks on Industrial Control Systems (ICSs) can lead to plant shutdown and destruction of property that can cost millions in damages and lost production. Even worse, such attacks can result in loss of life, for example, if malware placed on devices were to cause equipment to explode and/or release toxic fumes. More serious could be attacks on critical infrastructure, where as well as damage and loss of life at a plant, many people could be left without services such as water, gas or electricity. In addition, the output of industrial systems can be vital to a country’s economy. Due to the potential damage that could be caused by such risks being realised, more research into the feasibility of firmware attacks and how to detect them is needed. We observe some problematic aspects of detection of tampering in software. Our contribution is to examine challenges in ICS security with respect to embedded firmware and to suggest mitigations.
Access Rights
free_to_read
Comments
Walling, L., Johnstone, M. N., & Hannay, P. (2020). Information warfare by proxy: Malware in PLC firmware. In Proceedings of 18th Australian Cyber Warfare Conference 2019 (CWAR 2019) (pp. 57-61). Deakon University.
https://www.australian-cyberwarfare.com/