Unlike similar programs, The two German hackers Spenneberg Ralph and Mike Bruggemann developed a worm that can spread the PLC without infecting a desktop or laptop.
World’s First Worm For Programmable Controllers Distributed Without PC
Before infecting the programmable logic controllers, malware like Stuxnet must get on the PC first. This means the further spread of malware; you can stop it by removing the infected computers. According to the researchers, their worm spreads like cancer between Siemens S7 PLC 1200. However, it can be recycled by the other controllers. Depending on the PLC, which uses the facility where a worm can also infect its system using a proxy server chain. “Nash is the first worm that can spread on the Siemens PLCs without the support of a PC or other systems,” said the german hacker Spenneberg Ralph. Hence, in addition, the german hacker Spenneberg Ralph also demonstrated an example, “Imagine that the PLC were intercepted on the way to your company or by the supplier. You almost can not find it, and it (the worm – Ed.) Quickly spread throughout the enterprise network. We can cause a denial of service and bring the PLC fails. Imagine the consequences if this happens at a critical enterprise infrastructure”. In the Asia BlackHat security conference Alexander Bolshev, the Security Consultant for IOActive, and Marina Krotofil, Security Researcher at the Honeywell Cyber Security Lab, introduced a way to hide the worm activity developed by the German hackers Spenneberg Ralph and Mike Bruggemann. With it, an attacker can change the frequency and amplitude of the waves generated by the PLC and thereby mask the attack. As the results of a study conducted in collaboration with Marina Krotofil (Marina Krotofil) from Honeywell, an attacker can penetrate the remote station along with the main gas supply line, hence, to determine the frequency of normal waves and play them back with the help of high-frequency components.