Information Security News
mailing list archives
Feds confirm prisons vulnerable to Stuxnet-like attack
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 10 Nov 2011 02:15:12 -0600 (CST)
By Kevin McCaney
Nov 09, 2011
Federal authorities have confirmed an assertion by security researchers
earlier this year that Stuxnet-like malware poses a potential threat to
controls at prisons and penitentiaries across the country.
The researchers made their claim in a white paper published July 31, in
which they say that the programmable logic controllers used to control
doors, video systems, alarms and intercoms at prisons could be
compromised and controlled remotely. They presented the paper at the
recent Hacker Halted conference in Miami.
Sean McGurk, who headed DHS’ efforts on industrial control systems
security until leaving in September, told the Washington Times’ Shaun
Waterman that DHS had examined the research at Idaho National
Laboratory’s ICS test bed and “validated” the claims.
A spokesman for the Federal Bureau of Prisons also told Waterman that
the bureau is “aware of this research and taking it very seriously.”
The research team — security engineer and former CIA operations officer
John Strauchs; his daughter Tiffany Rad, president of ELCnetworks; and
information security consultant Teague Newman — began their work after a
prison warden asked Strauchs to look into why all the cell doors on the
prisons’ death row popped open one Christmas Eve.
Subscribe to InfoSec News - www.infosecnews.org
- Feds confirm prisons vulnerable to Stuxnet-like attack InfoSec News (Nov 10)