Prisons & Cyber Terror

Title: Can Hackers Unlock Prison Doors?
Date: November 10, 2011
Source: AllGov

Abstract: Officials with the Federal Bureau of Prisons have been informed that U.S. penitentiaries could be vulnerable to cyber attacks that would help prisoners escape.

Most American prisons are operated by industrial control systems (ICS) that also are used by power plants, water treatment facilities and other infrastructure operations. ICS’ vulnerability was demonstrated two years in Iran, when hackers sabotaged that country’s nuclear program by exploiting its Siemens programmable logic controllers (PLCs). Almost all of the 117 federal correctional facilities, 1,700 prisons and 3,000+ jails in the United States use PLCs to control doors and manage their security systems.

In the case of prisons, a cyber attack could disable controls that lock cell doors, while “the system would be telling the control room they are all closed,” John Strauchs, a former Central Intelligence Agency operations officer whose firm produced the report for the bureau, told the Washington Times.

Hackers also could disrupt secure communications throughout a prison and crash closed-circuit television systems, leaving guards blind to certain wings and hallways, according to Strauchs (AllGov, 2011)

Title: Hacker Cracks 4 million Hotel Locks With 'James Bond Dry Erase Marker'
Date: October 6, 2012
Daily Mail

Abstract: This new hacker invention may look like a harmless dry erase marker, but in truth it's the ultimate electronic lock pick. 

In a post titled 'James Bond's Dry Erase Marker,' hotel hacker Matthew Jakubowski demonstrates how anyone can build this pocket-sized device which will open the lock on an estimated 4 million hotel rooms.

'I guess we wanted to show that this sort of attack can happen with a very small concealable device,' says Matthew Jakubowski, a security researcher with Trustwave, told Forbes. 'Someone using this could be searched and even then it wouldn't be obvious that this isn't just a pen.'

The device exploits a vulnerability in Onity locks, a cheap lock used on millions of hotel room doors.

Onity's site boasts their locks are used in 22,000 hotel worldwide.

The lock has a small port on its bottom designed for hotels to set master keys. 

Hacker Cody Brocious discovered you could read the lock's memory through this port, including a decryption key.

Borcious demonstrated a large, unwieldy device that could open a small percentage of locks this July at the Black Hat security conference.

Onity responded with a way to patch the weakness in August, but the fix required hotels to make costly hardware repairs to millions of locks as well as pay for a more secure version.

Security experts believe the expense has likely left a huge percentage of hotel rooms with the easily cracked model. 

Jakubowski's refined version can pop most locks in a fraction of a second.

Even if security searched a guest, its unlikely many people would see a dry erase marker as a threat. 

And future versions may be even smaller and easier conceal.

'This is by no means the best solution or the only solution to make this fit into a pen, but for what we had available and with the time we had to do it, it's what we were able to come up with,' Jakubowski wrote in a blog post explaining the hack (Daily Mail, 2012)