Digital Bond and Rapid7 announced today at the S4 Conference the release of a new Metasploit module to exploit the GE D20 PLC, and a partnership to move additional Project Basecamp PLC exploits to the Metasploit Framework. There are additional GE D20 modules in QA, and plans to move the Basecamp exploits of Rockwell Automation, Schneider Modicon, and Koyo/Direct LOGIC exploits into Metasploit modules. PLCs are the components in SCADA networks that control critical infrastructure, including power plants, pipelines, chemical manufacturing, water treatment, etc.
Dale Peterson, founder of Digital Bond, said, "We felt it was important to provide tools that showed critical infrastructure owners how easy it is for an attacker to take control of their system with potentially catastrophic results. These attacks have existed in theory for a while, but were difficult to demonstrate to a Plant Manager. By creating exploit modules for the most widely used exploit framework - Metasploit - we hope that security professionals in critical infrastructure companies, consultants, and penetration testers will prod vendors to add basic security measures to PLCs after decades of neglect."
A collaboration between the open source community and Rapid7, Metasploit software helps security and IT professionals identify security issues, verify vulnerability mitigations, and manage expert-driven security assessments, providing true security risk intelligence. Metasploit editions - ranging from a free edition to professional enterprise editions - are all based on the Metasploit Framework, an open source software development kit with the world's largest, public collection of quality-assured exploits. The Framework is currently downloaded more than one million times per year and used and enhanced further by over 125,000 security community members.
"The Basecamp modules show the flexibility of the Metasploit Framework," said HD Moore, Metasploit Chief Architect and CSO of Rapid7. "While most Metasploit modules exploit traditional workstations and servers, these modules are exploiting special purpose devices and will even demonstrate the ability to provide interactive control of a critical system, turning things on and off."
Project Basecamp and the resulting tools were presented at Digital Bond's S4 Conference in Miami Beach. A team of six researchers assessed the security of six widely used PLCs in critical infrastructure in front of an audience of leading SCADA security researchers from around the world.
About Digital Bond
Digital Bond is a SCADA and DCS security consulting and research practice that began working on control systems in 2000. Digitalbond.com is the most popular site for SCADA security information and free SCADA security tools. For more information about Digital Bond email info@digitalbond.comor call 954-315-4633.
Rapid7 security analytics software and services reduce threat exposure and detect compromise for 3,000 organizations across 78 countries, including over 250 of the Fortune 1000. We understand the attacker better than anyone and build that insight into our solutions to improve risk management and stop threats faster. We offer advanced capabilities for vulnerability management, penetration testing, controls assessment, incident detection and investigation across your assets and users for virtual, mobile, private and public cloud networks. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.