{"title":"黑进光学制造机器:你没看到它来了?!","authors":"Robert Wildenauer, K. Leidl, M. Schramm","doi":"10.1117/12.2526691","DOIUrl":null,"url":null,"abstract":"With more and more industrial devices getting inter-connected the attack surface for cyber attacks is increasing steadily. In this paper the possible approach of an attacker who got access to the office network at the Institute for Precision Manufacturing and High-Frequency Technology (IPH) to attack one of the optic machines that reside in another network segment is presented. Based on known vulnerabilities from the Common Vulnerabilities and Exposures (CVE), like the shellshock exploit or remote code execution with PsExec, for devices identified in the network, an attacker can bypass the firewall between the office network and the laboratory network and get full access to the HMI of the target machine.","PeriodicalId":422212,"journal":{"name":"Precision Optics Manufacturing","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Hacking an optics manufacturing machine: You don't see it coming?!\",\"authors\":\"Robert Wildenauer, K. Leidl, M. Schramm\",\"doi\":\"10.1117/12.2526691\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With more and more industrial devices getting inter-connected the attack surface for cyber attacks is increasing steadily. In this paper the possible approach of an attacker who got access to the office network at the Institute for Precision Manufacturing and High-Frequency Technology (IPH) to attack one of the optic machines that reside in another network segment is presented. Based on known vulnerabilities from the Common Vulnerabilities and Exposures (CVE), like the shellshock exploit or remote code execution with PsExec, for devices identified in the network, an attacker can bypass the firewall between the office network and the laboratory network and get full access to the HMI of the target machine.\",\"PeriodicalId\":422212,\"journal\":{\"name\":\"Precision Optics Manufacturing\",\"volume\":\"6 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-06-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Precision Optics Manufacturing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1117/12.2526691\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Precision Optics Manufacturing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1117/12.2526691","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Hacking an optics manufacturing machine: You don't see it coming?!
With more and more industrial devices getting inter-connected the attack surface for cyber attacks is increasing steadily. In this paper the possible approach of an attacker who got access to the office network at the Institute for Precision Manufacturing and High-Frequency Technology (IPH) to attack one of the optic machines that reside in another network segment is presented. Based on known vulnerabilities from the Common Vulnerabilities and Exposures (CVE), like the shellshock exploit or remote code execution with PsExec, for devices identified in the network, an attacker can bypass the firewall between the office network and the laboratory network and get full access to the HMI of the target machine.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
