Wired reports that there are many security issues with Programmable Logic Controllers (PLCs) and now there is an easy to use tool to scan and detect vulnerabilities.
They say it's so easy, the update for Metasploit make it analogous to Firesheep for PLCs.
What must IT shops do to prevent attack?
If the PLC controllers are not on the network, or are isolated, should we still be concerned?
If an IT shop has no PLCs in the course of business (manufacturing, etc), are the HVAC systems of the datacenter or door/access control systems vulnerable?