Re: Crap security devices
MODBUS security can be done. Any system with MODBUS capability should support write windowing and any TÜV approved system must. So if correctly configured you should not be able to write to things that should not be written to. If a factory conveyer that can legitimately be written to tries to achieve 1000mph because there's no bounds limit on your motor drive then it is not configured correctly. No amount of added security layers will be enough if the ones that are there are not used correctly. If a device doesn't support write windowing use something else or add a MODBUS firewall such as a Tofino.
Really big stuff, refineries and so on, will be protected adequately. There are plenty of standards and networking talent in the industry. The risky ones are the medium sized installations where there likely isn't the budget. Where refineries have been hacked it has only been office systems affected. Stuxnet sure but that was exceedingly targeted, relied on massive target knowledge that could not all be obtained remotely and required meatspace delivery. I would argue that IoBT is pretty good so long as we don't get complacent.
Building HVAC and substations are perfect examples of the scale of stuff that is likely to be vulnerable. Internet of Medium sized Things. IoMT. And within that space there's little impact in an office HVAC trying to make the building a fridge. There is impact beyond the fence when a substation goes down. So the ones to worry about are a subset of IoMT.
Biting the hand that feeds IT
