Hackers Crash Controller via Web Service
|Industry Type:||Electronic Manufacturing|
There were 2 types of incidents ocurring at the same location in the same time frame:
Two engineers worked on this problem full time for 3-4 weeks each. The hard part was being able to identify the cause so we could reproduce it at the vendor’s site. Our internal firewalls greatly reduce the likelyhood of these attacks getting through. The customer in this case is a development partner, so we worked with them to capture the activity with a network analyzer. Once the cause(s) were identified, the fixes were easy.
|Action Description:||(1) Fixed the bug in the device code - it now properly closes timeout connections. (2) Contacted the TCP stack vendor who gave us a fix for his bug. In addition, we created a tool to cause problem #1. It rapidly makes connections but does not close them. With this tool, the old "buggy" code locks up the Ethernet port within seconds. The fixed code does not fail. Vendor strongly recommends that our customers work with their IT departments to isolate the controllers from these kinds of attacks.|