A newly developed PLC malware does not require physical access to target an ICS environment, is platform neutral, and is more resilient than traditional malware aimed at critical infrastructure.

Researchers at Georgia Tech have developed a proof-of-concept malware demonstrating the threat of remote attacks on PLCs with embedded web servers, a common component in ICS within critical infrastructure. The malware can manipulate outputs, falsify sensor readings, and disable safety systems, potentially causing devastating effects. It leverages web-based vulnerabilities, offering platform independence and persistence, unlike traditional PLC malware that targets firmware or control logic.