Monday, July 18, 2011

Stuxing Tools

Earlier today I wrote in a blog post that:
“While I noted that this type of stuxing would not require as much process knowledge as the classic Stuxnet attack, it is still a fairly sophisticated attack mode (at least until stuxing tools become readily available).”
This evening I ran across an interesting Tweet ® that bears on that statement:

From @D1N
“Finished testing all of the Siemens Simatic S7-300 and S7-400 aux modules for Metasploit. New attacks read/write/delete data blocks on PLC.”
I haven’t seen the Metasploit modules yet (actually I probably never will; after all, I wouldn’t know what to do with them in any case) but I doubt that they are really the ‘stuxing tools’ that I mentioned. They are almost certainly an important step to constructing such tools, and will probably be included in the tools, but they are not yet the tools.

Don’t get too comfortable, though. No telling what the blackhats are doing.

No comments:

/* Use this with templates/template-twocol.html */