At work, our automation people have one or two customers with industrial plants where the PCs connected to the PLCs still run XP, because they use some very specific piece of hardware whose vendor went out of business, so there are no device drivers for more recent versions of Windows.
(Hell, I've been at one plant where PC side of the automation still ran on NT 4.0! The customer is reluctant to replace that machine because the interface to the plant automation is a freaking ISA card, and it has become rather difficult to procure a motherboard with an ISA slot.)
It's easy to tell people to update, but in some cases it's just not that simple. (OTOH, the plants I know about are not connected to the Internet.)
And don't get me wrong, I totally agree that it would be better in so many different ways if these machines were upgraded. But some users basically have no choice.
I sadly suspect if a large corporation with a very small ethics department or a state actor wanted to subvert these networks, they would have very little trouble doing so. Another comment mentioned Stuxnet which proves that point rather well.
Fortunately, these plants I am talking about are food plants (yoghurt, pudding, and such), so the risk of some foreign government wanting to shut down that plant is rather low. ;-)
And the risk of becoming infected by drive-by malware is contained by not letting these machines talk to the Internet.
(There is one connection to the regular corporate network, which does have Internet access, to tell the ERP system how much of each ingredient is left so the Purchasing department will order new ingredients on time. But in my benevolent imagination that connection is one teeeny-tiny hole through a humongous firewall.)
Agreed. Still not bulletproof (see Stuxnet, which transferred to PLCs over USB sticks), but you're good against classical malware (as in, not developed by a state actor).
> ...PLCs still run XP, because they use some very specific piece of hardware whose vendor went out of business, so there are no device drivers for more recent versions of Windows.
There are alternatives to this problem but many companies don't have the budget, don't want to invest, or don't know that these drivers can be rewritten to new platforms with reverse engineering.
I don't know if you know much about the automation industry, but reverse engineering a driver so you can run it on a newer PC would be an unacceptable risk. Are you confident in your driver being able to safely control the industrial equipment? A coal train which costs $1000s of dollars a minute for any down time? Are you willing to take the blame or deal with the lawsuit if something goes wrong? The other side of the coin is that some companies do have the budget and can invest in newer technologies, but the cut over to new equipment is just down time they cannot afford - so be it if there's a risk of larger down time in the future.
Risk has a price. I am taking this kind of risk for several projects. I understand that the customer doesn't like to take the risk, even when they have the budget.
Even so, there are formal ways to show you are solving a problem with certain probability. These kind of projects require extensive testing.
(Hell, I've been at one plant where PC side of the automation still ran on NT 4.0! The customer is reluctant to replace that machine because the interface to the plant automation is a freaking ISA card, and it has become rather difficult to procure a motherboard with an ISA slot.)
It's easy to tell people to update, but in some cases it's just not that simple. (OTOH, the plants I know about are not connected to the Internet.)
And don't get me wrong, I totally agree that it would be better in so many different ways if these machines were upgraded. But some users basically have no choice.