SCADA systems flaws exploited to open prison doors
The discovery of the Stuxnet worm has alerted governments around the world about the possibility of industrial control systems being targeted by hackers and has made a lot of security researchers concentrate on preemptively finding out bugs that plague them so that they can be patched before the attackers have the chance to exploit them.
These industrial control systems – more commonly dubbed SCADA (supervisory control and data acquisition) – are computer systems that monitor and control industrial and infrastructure processes, and often control heating, ventilation, and air conditioning, access, communication and energy consumption inside a variety of private and public facilities.
Among those facilities are also state and federal prisons in the U.S., and seeing that the control of access and communication within them is of critical importance, a group of researchers have set up to discover whether bugs in the SCADA systems allowed remote attackers to take them over.
With no previous experience regarding the programming of these systems, the researchers have relatively easily succeeded in their attempt and have developed attacks that would allow prison doors to be opened (temporarily or permanently) without alerting the guards in the control room about it and that would shut down internal communications and closed-circuit television systems.
They presented their results to the public at the recently held Hacker Halted conference and have pointed out that although, in theory, SCADA systems should never be connected to the Internet, in reality every one of them is – directly or via other networks and devices, reports the Washington Times.
The researchers have visited many prisons during their research, and in some of them guards used its computers to do things like checking their private email. The Internet connection was usually set up so that the software could be updated.
But, in the end, the system doesn’t have to be connected to the Internet in order to be attacked – bribing a guard to plug in a USB drive with malware is an easy and effective alternative. As to the dangers following this kind of attack, they say that assassinations of target prisoners might be the greatest one.
The U.S. Department of Homeland Security has confirmed the validity of their results and the researchers have already demonstrated the attack to federal and state Bureaus of Prisons and a number of federal agencies.