Stuxnet-like worm could free prisoners from cells, say researchers

Posted by Emma Woollacott

A group of security researchers has pointed out in a paper that software vulnerabilities could allow criminals to spring prisoners from their cells.

Teague Newman, Tiffany Rad and John Strauchs say that the use of programmable logic controllers (PLCs) to control cell doors leaves them with similar vulnerabilities to utilities systems hit by the Stuxnet worm.

Stuxnet was recently used to sabotage centrifuges at a nuclear plant in Iran, by targeting PLCs from Siemens. But the team's method, they say, is not vendor-specific, and cost only $2,500 for the kit - just $500 if they'd used pirated software.

Attackers could open doors and even prevent alarms from sounding. They could also control everything from lighting and video surveillance to shower controls, they say.

The US has about 117 federal correctional facilities, 1,700 prisons and more than 3,000 jails. All but the smallest use PLCs to control doors and manage their security systems.

"Not many people outside the corrections community... knows that prison electronic systems were controlled by PLCs or that there are vulnerabilities in those PLCs that could put their lives at risk and those of prisoners in correctional facilities if proper system patches and computer usage policies are not followed," say the team. 

"Even within the correctional system, very few people knew unless they were directly involved in the design and construction of a prison. Having completed more than 100 justice design projects."

They say security facilities shoudld be cut off from the internet if possible, and supervision should be increased.