Greetings from the '90s - Exploiting the Design of Industrial Controllers in Modern Settings

Explore a novel exploitation vector in industrial controllers during this Black Hat conference talk. Delve into how PLC programming practices, user APIs, and memory allocation for function blocks from Library Functions create vulnerabilities in control logic. Learn about automated enumeration techniques, identification of key infrastructure configuration parameters, and process control variable manipulation for targeted attacks. Discover how allocated but unused memory can be leveraged to establish covert C2 channels, enabling attackers to run security tools, exfiltrate data, and execute high-precision cyber-physical attacks on previously inaccessible network segments. Presented by Marina Krotofil and Ric Derbyshire, this 37-minute talk offers valuable insights into modern industrial control system security challenges rooted in legacy design principles.