LogicLocker

<p>LogicLocker, is a cross-vendor <a href="/facts/Ransomware/muT4jcxj">ransomware</a> worm that targets <a href="/facts/Programmable_logic_controller/bqh0GAdb">Programmable Logic Controllers</a> (PLCs) used in <a href="/facts/Industrial_control_system/YzgsMy2x">Industrial Control Systems</a> (ICS).  First described in a research paper released by the Georgia Institute of Technology, the malware is capable of hijacking multiple PLCs from various popular vendors.  The researchers, using a water treatment plant model,  were able to demonstrate the ability to display false readings, shut valves and modify Chlorine release to poisonous levels using a Schneider Modicon M241, Schneider Modicon M221 and an Allen Bradley MicroLogix 1400 PLC.  The ransomware is designed to bypass weak authentication mechanisms found in various PLCs and lock out legitimate users while planting a <a href="/facts/Logic_bomb/btrj2258">logicbomb</a> into the PLC.  As of 14 February 2017, it is noted that there are over 1,400 of the same PLCs used in the proof-of-concept attack that were accessible from the internet as found using <a href="https://www.shodan.io/">Shodan</a>.
</p>

LogicLocker open-in-new

LogicLocker