Breaking into a power station in three easy steps
“I will tell (you) how to break into a nuclear reactor,” Ira Winkler, president of security firm ISAG said as he launched into his presentation on “How to Take Down the Power Grid” at RSA 2008 on Tuesday night.
“Frankly, it’s really easy to break into the power grid,” he said. “It happens all the time.”
First, you set up a Web server that downloads spyware onto the computers that visit.
Second, you send an e-mail to people who work inside a power station that entices them to click on a hyperlink to the Web server with the spyware. Warning them that their human resources benefits are going to be cut and sending them to a Web site with “hr.com” in the domain would work, according to Winkler, who said he has done this several times in company-approved penetration tests.
Third, you wait as the recipients–and everyone else they forwarded the e-mail to–visit the server and get infected.
“Then we had full system control,” he said. “Once the malware was downloaded onto their systems…we could see the screens and manipulate the cursors.”