Last week I reported that a serious vulnerability in the HART protocol was demonstrated at the S4 conference. It seems that this has not yet penetrated the consciousness of the process control world.
This vulnerability, like the Target hack and like Stuxnet, is a Control System Level 0 vulnerability: it uses a field device or controller as its vector. That makes it nearly impossible to see happen, or to trap for, because you are infecting the data stream from a simple field device rather than attacking an application directly. What the HART hack gets you is access to the control system and to the asset management system, and from there to the plant operations system and the ERP system. Essentially, if it works as well as Alexander Bolshev (@dar_k3y) says, and nothing in the evidence he presented gives reason to disbelieve him, this is a golden key to the plant, and to the enterprise.
No one has yet used the HART hack. Wait, how would we know? Nobody has caught anybody using the HART hack Bolshev described. If somebody in Russia, or in China, or wherever, has been doing this, they could have been doing it for years with nobody the wiser.
Somebody needs to come up with some trapping routines for this pretty quickly.