SCADA and PLC vulnerabilities in correctional facilities

Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publicly available exploits along with evaluating vulnerabilities in electronic and physical security designs, researchers discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to “open” or “locked closed” on cell doors and gates.

The researchers did a walk-through in a U.S. jails and saw PLCs in use, took pictures and saw prison guards accessing Gmail from the Control Room computers.

They present the results of this research with a discussion on electronic and physical security vulnerabilities in modern prison design.