21 November 2016

Dears,

I am interested in filtering SCADA communications to guarantee safety properties.

Thus I would like to find attacks against SCADA that have happened in the past and that have involved the attacker modifying the contents of communications exchanged between SCADA and PLCs.

However, most of the attacks I can find require the attacker to upload malware that will reprogram the PLCs (e.g., Stuxnet).

In the kind of attacks I am interested in, let's say that the SCADA sends a request to change the temperature of a furnace to 500 degrees; the attacker intercepts the message (as a man-in-the-middle) and modifies it to 5000 degrees.

I heard for example about the Maroochy Shire case in which the attacker was introducing new crafted packets to violate the property.

This example also interests me and I would be curious about the technical details of the attack (e.g., the communication protocol used, whether opening the sewage system was an action the employee was allowed to do in a different context or whether he had to break into the network, etc.).

Thanks in advance,

Maxime
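
A minimal sketch of the kind of filter the question describes, as an added example that is not part of the original post: it parses Modbus/TCP write requests and rejects the 5000-degree setpoint while passing 500. Modbus/TCP, register 40 as the furnace setpoint and the 0..1200 range are assumptions chosen for illustration; the post does not name a protocol.

```python
import struct

# Hypothetical safety policy: holding-register address -> (min, max) allowed value.
# Register 40 as the furnace setpoint and its range are assumptions for this sketch.
SAFE_RANGES = {40: (0, 1200)}
READ_FUNCS = {0x01, 0x02, 0x03, 0x04}
WRITE_SINGLE, WRITE_MULTIPLE = 0x06, 0x10


def check_frame(frame: bytes):
    """Return (allowed, reason) for one Modbus/TCP request frame."""
    if len(frame) < 8:
        return False, "truncated frame"
    _tid, proto, length, _unit = struct.unpack(">HHHB", frame[:7])
    # The MBAP length field counts the unit id plus the PDU that follows it.
    if proto != 0 or length != len(frame) - 6:
        return False, "malformed MBAP header"
    func, body = frame[7], frame[8:]
    if func in READ_FUNCS:
        return True, "read request"
    if func == WRITE_SINGLE and len(body) == 4:
        writes = [struct.unpack(">HH", body)]
    elif func == WRITE_MULTIPLE and len(body) >= 5:
        addr, count, nbytes = struct.unpack(">HHB", body[:5])
        if count == 0 or nbytes != 2 * count or len(body) != 5 + nbytes:
            return False, "malformed write"
        values = struct.unpack(f">{count}H", body[5:])
        writes = [(addr + i, v) for i, v in enumerate(values)]
    else:
        return False, "function code not permitted or malformed"
    # Deny by default: every written register must be listed and in range.
    for addr, value in writes:
        if addr not in SAFE_RANGES:
            return False, f"write to unlisted register {addr}"
        lo, hi = SAFE_RANGES[addr]
        if not lo <= value <= hi:
            return False, f"register {addr} value {value} outside {lo}..{hi}"
    return True, "ok"


def write_single(addr, value, tid=1, unit=1):
    """Build a constructed write-single-register request for the demo."""
    pdu = struct.pack(">BHH", WRITE_SINGLE, addr, value)
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


if __name__ == "__main__":
    for v in (500, 5000):
        print(v, check_frame(write_single(40, v)))
```

A range check like this bounds what a tampered or injected write can do; it cannot tell a modified value from a legitimate one when both fall inside the allowed range.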
