No Comments

Expert tells how he broke into a nuclear power plant


Charles Hamilton, chief security consultant for the SpiderLabs team at information security firm Trustwave, gave an interview to the company’s blog about his experience in conducting penetration tests at a nuclear power plant. For obvious safety reasons, Hamilton did not disclose details that could identify the plant, because he actually managed to break into his network: “There are many details that I cannot tell for obvious reasons,” said Hamilton.

As the expert explained, the main purpose of the tests was to find out whether hackers could take control of a nuclear reactor. Fortunately, this is almost impossible due to the physical barrier between the corporate network and the plant itself. “Of course, we shouldn’t forget about malware like Stuxnet, designed specifically for attacks on a nuclear power plant and distributed via a USB stick. However, these scenarios are not part of a penetration test plan, ”he said.

The first vulnerability discovered during the test was related to suppliers whose services the plant used. They had installed an unsafe Wi-Fi hotspot, which became a researcher’s entry point into the corporate network.

“When I logged in, it was the same corporate network as any other, with several Windows and Linux systems, and they were also running Windows NT 4.0. I was able to get direct access to the network and some interesting things using monitoring tools, ”said Hamilton.

Two hours later, the researcher already had domain administrator privileges and gained access to information about how the plant works.

“If I were involved in espionage or sabotage in the interest of a foreign country, I could see indicators such as the level of pressure, etc.,” said the researcher.

Even for companies or organizations not involved in critical infrastructure, Hamilton said, the main lesson here is that the corporate network will always be one of the most vulnerable points. Companies should always remember that their internal networks are just as vulnerable as their external perimeters.

With international agencies

See the original post at:

You might also like

More Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.