Flaw Found in US Prisons' Computerized Security Systems

November 9, 2011

Security holes in the computer systems of federal prisons in the United States can effectively allow hackers to trigger a jailbreak by remote control.

A group of researchers disclosed the vulnerability at the Hacker Halted information security conference in Miami last Oct. 26, the Washington Times reported.

The report said the researchers showed how the flaws allowed outsiders to potentially remotely take over systems to open and overload cell door mechanisms and shut down internal communications systems.

According to the report, the US Federal Bureau of Prisons said it is aware of the research and taking it seriously.

The security systems in most American prisons are run by special computer equipment called industrial control systems (ICS), which control power plants, water treatment facilities and other critical national infrastructure, have increasingly been targeted by hackers because an attack on one such system successfully sabotaged Iran’s nuclear program in 2009, the Washington Times report said.

The report also said the researchers spent less than $2,500 to develop the attacks that could take control of prisons' ICSs.

I want to hear from you. Tell me how we can improve.

BNP Media Owner & Co-CEO, Tagg Henderson

You must login or register in order to post a comment.

Chad Schermerhorn, Security Expert at Brivo, will discuss how your physical security stack should be an operational asset. It should be based on the strongest, and most-up-to-date smart security that can protect you today and adapt for unexpected threats that may come.

DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

Security Magazine

2020 June

This month in Security magazine, we highlight COVID-19 and infosec's response. How has the sudden shift to remote work changed the roles of CISOs and security teams? Also this month, we profile Justin Dolly, CSO at Sauce Labs, his view on infosec and building security teams. In addition, security experts discuss continuous monitoring, radicalism, quantum technology, endpoint security and more.

View More Create Account

Flaw Found in US Prisons' Computerized Security Systems

Related Articles

Report Abusive Comment