Diagram showing the typical parts of a PLC used for door-control systems. Image courtesy of Teague Newman

“Vulnerabilities in electronic systems that control prison doors could allow hackers or others to spring prisoners from their jail cells, according to researchers,” writes Kim Zetter for Wired.com

According to security consultant and engineer John Strauchs, the same weaknesses that the Stuxnet superworm used to sabotage centrifuges at a nuclear plant in Iran exist in America’s prisons.

Strauchs plans demonstrate an exploit against the systems at the DefCon hacker conference which began in Las Vegas yesterday.

Zetter:

“Strauchs, who says he engineered or consulted on electronic security systems in more than 100 prisons, courthouses and police stations throughout the U.S. — including eight maximum-security prisons — says the prisons use programmable logic controllers to control locks on cells and other facility doors and gates. PLCs are the same devices that Stuxnet exploited to attack centrifuges in Iran.”

Advertisements