For decades, operational technology (OT) has enjoyed the luxury of being suitably inaccessible, and thus has experienced directly targeted cyber attacks from only the most advanced and well-resourced adversaries. However, security via obscurity cannot last forever, and indeed a shift is happening whereby less advanced adversaries are showing an appetite for targeting OT. With this shift in adversary demographics, there will likely also be a shift in attack goals, from clandestine process degradation and espionage to overt cyber extortion (Cy-X). Even if encryption-based Cy-X techniques were launched against OT assets, typical recovery practices designed for engineering processes would provide adequate resilience. In response, this article introduces Dead Man's PLC (DM-PLC), a pragmatic step towards viable OT Cy-X that acknowledges and weaponises the resilience processes typically encountered in any OT environment. Using only existing functionality, DM-PLC considers an entire environment as the entity under ransom, whereby all assets constantly send one another heartbeats to ensure the attack remains untampered with, treating any deviations as a detonation trigger akin to a DM switch. A proof of concept of DM-PLC is implemented and evaluated on a peer reviewed and industry validated OT testbed to demonstrate its malicious potential.
