Home
JAQForum Ver 24.01
Log In or Join  
Active Topics
Local Time 04:46 25 Nov 2024 Privacy Policy
Jump to

Notice. New forum software under development. It's going to miss a few functions and look a bit ugly for a while, but I'm working on it full time now as the old forum was too unstable. Couple days, all good. If you notice any issues, please contact me.

Forum Index : Microcontroller and PC projects : Modbus under attack

Author Message
Mixtel90

Guru

Joined: 05/10/2019
Location: United Kingdom
Posts: 6781
Posted: 07:26am 24 Jul 2024
Copy link to clipboard 
Print this post

The Register link

This is a nasty one. Attacking internet-connected Modbus TCP systems on port 152 at the moment. Potentially that's a huge number of targets. Another reason why internet connections on industrial plant should be for read-only monitoring and never control!
Mick

Zilog Inside! nascom.info for Nascom & Gemini
Preliminary MMBasic docs & my PCB designs
 
PhenixRising
Guru

Joined: 07/11/2023
Location: United Kingdom
Posts: 857
Posted: 08:26am 24 Jul 2024
Copy link to clipboard 
Print this post

I wonder if EtherCAT could be vulnerable...Yikes! Robots and CNC machines flying out of control.  
 
Mixtel90

Guru

Joined: 05/10/2019
Location: United Kingdom
Posts: 6781
Posted: 09:28am 24 Jul 2024
Copy link to clipboard 
Print this post

Anything with write access that's connected to the internet is vulnerable to something. Essential or safety-related stuff should never be connected to the internet in any way whatsoever. It's not even safe to monitor it remotely unless it's on the end of its own piece of wire.

This is a big advantage of local network chips like the nRF24L01, which although it's an RF system and potentially hackable it has no router access and it can use channel hopping to confuse MITM attacks.
Mick

Zilog Inside! nascom.info for Nascom & Gemini
Preliminary MMBasic docs & my PCB designs
 
Volhout
Guru

Joined: 05/03/2018
Location: Netherlands
Posts: 4223
Posted: 09:44am 24 Jul 2024
Copy link to clipboard 
Print this post

Anyone who connects a modbus tcp system to the WWW is plain stupid.
Darwin explains why some species have been unsuccesfull in surviving.
Humans included....

Volhout

P.S. EtherCat needs a bridge (convertor) to get to normal UTP networks. Ethercat as such is incompatible with ethernet. But it uses the same physical interface. All OSI layers above it are different. When you connect the bridge to the WWW then you are fall into the same Darwin category....
Edited 2024-07-24 19:48 by Volhout
PicomiteVGA PETSCII ROBOTS
 
PhenixRising
Guru

Joined: 07/11/2023
Location: United Kingdom
Posts: 857
Posted: 09:58am 24 Jul 2024
Copy link to clipboard 
Print this post

  Mixtel90 said  
This is a big advantage of local network chips like the nRF24L01, which although it's an RF system and potentially hackable it has no router access and it can use channel hopping to confuse MITM attacks.


Yeah, ESP-NOW has me intrigued. I have read reports of <2mS round-trip messaging.  
 
Print this page


To reply to this topic, you need to log in.

© JAQ Software 2024