Tactic: Impact

Technique: Tamper Control Logic

Tampering with control logic means to edit and/or add code or programs that control the logic of the device.

Technique in practice

Tampering with control logic on a controller or device can be used to affect how it interacts with its physical process, peripheral devices or other devices connected to the same network. It can also be a easy way to maintain access to that device once it has been gained. In addition to this, the program could also inhibit any safeguards put in place to prevent failures (this applies specifically to machinery and robotics) or security measures taken to prevent further destruction or manipulation of the system. A program like this could exist in many different shapes. From POU's on a PLC to scripts running on a PC.

Mitigations

Code signing

Detections

Detect file changes

Documented incidents with autonomous robots

No incidents known at the time of writing.

Documented incidents in other domains

No incidents known at the time of writing.