Got $50k spare? Then you can crack SHA-1 – so OpenSSH is deprecating flawed hashing algo in a 'near-future release'

Maelstorm Bronze badge

I remember in 2012...

I remember back in 2012 a worm was discovered on a computer in Iran. This worm was called Flame or Flamer. It literally spoofed the Microsoft software signing certificate using an unknown chosen prefix attack. This attack was different than the attack vector used in the 2007 paper. So whoever pulled it off used world-class cryptanalysis. What was the result of this certificate spoofing? It made the computer think the update was coming from Microsoft and installed it, no questions asked, when in fact it was malware.

SHA-1 has been vulnerable for a long time. If you have equipment that requires it, then I'm sorry, but you need to upgrade your equipment. As an alternative, why connect industrial equipment to the internet to begin with? That's just asking for something to happen. Best to have it on an air-gapped network so someone has to do an up-front intrusion to gain access.
