ICS-CERT has issued an alert about an offline brute-force password tool with proof-of-concept exploit code that could be used against Siemens S7 programmable logic controllers to gain access and control of these PLCs (Programmable Logic Controllers).
ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this attack vector. Specifically, users should minimize network exposure for all control system devices. Control system devices should not directly face the Internet.
Read more here - https://www.us-cert.gov/control_systems/pdf/ICS-ALERT-13-016-02.pdf