Blog | G5 Cyber Security

Project File Infection

Using built in functions of the engineering software, adversaries may be able to download an infected program to a PLC in the operating environment enabling further execution and persistence techniques. These project files may consist of objects, program organization units, variables such as tags, documentation, and other configurations needed for PLC programs to function. Stuxnet copies itself into Step 7 projects in such a way that it automatically executes when the Step 7 project is loaded. The project file should be encrypted to prevent unauthorized changes.”]

Source: https://collaborate.mitre.org/attackics/index.php/Technique/T0873

Exit mobile version