Learn Pentesting like a Pro!

OT industrial cybersecurity: Hardening the ModBus protocol

pentesting.academy

Learn how to find and protect IoT devices on the Internet
Jul 11, 2020

OT stands for Operational Technology, as opposed to IT, Information Technology. Under IT we put things such as servers, computers, laptops, smartphones, etc. OT is focused on lower-level devices that keep factory lines running, for instance a PLC (Programmable Logic Controller) that can control a hydraulic valve or a valve in a nuclear plant.

One of the most widely used industrial protocols is ModBus. Contrary to many other proprietary protocols, ModBus can run over TCP/IP for communications.

ModBus connections usually use port TCP/502. However, this port is insecure by default: communications are not encrypted AND, since there is no authentication, any attacker can impersonate a master device and perform unexpected actions on the controlled equipment.

Guess how many ModBus devices are openly reachable on the Internet:

[Figure: Insecure Modbus exposure in Spain]

So, the first thing to keep in mind is: NEVER expose industrial devices to the Internet unless you are prepared for an attacker to literally hack your factory.

Second, upgrade your protocol and use TCP/802 (Modbus/TCP Security) instead of the default TCP/502, as the former provides encryption.

