28C3 - Version 2.3.5

28th Chaos Communication Congress
Behind Enemy Lines

Speakers
Teague
Tiffany Rad
Schedule
Day Day 1 - 2011-12-27
Room Saal 2
Start time 16:00
Duration 01:00
Info
ID 4661
Event type Lecture
Track Hacking
Language used for presentation English
Feedback

SCADA and PLC Vulnerabilities in Correctional Facilities

Tiffany Rad, Teague Newman, John Strauchs

Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publically available exploits along with evaluating vulnerabilities in electronic and physical security designs, Newman, Rad and Strauchs have discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to “open” or “locked closed” on cell doors and gates. This talk will evaluate and demo SCADA systems and PLC vulnerabilities in correctional and government secured facilities while recommending solutions.

We figured out how to remotely hack into prisons cell and gate control systems by using publically available Siemens PLC exploits as well as creating our own. Teague and Tiffany did a walk-through a jail in the southwest, USA, saw PLCs in use, took pictures and saw prison guards accessing Gmail from the Control Room computers. We will be presenting the results of this research with John Strauchs discussing electronic and physical security vulnerabilities in modern prison design. Our research was presented at Defcon 19, Las Vegas, NV.