USA, 1979: The Three Mile Island Nuclear Generating Station suffered a core meltdown. Operators were unable to cope with the ambiguous signals the plant's HMI was sending, leading to one of the most serious nuclear accidents on US soil. Spain, 2007: Bypassing security checks, someone stole approximately 70 fuel pellets of uranium oxide from a nuclear fuel facility. They were later found abandoned nearby. How this material ended up there is still a mystery. Are these scenarios possible now? Critical infrastructure such as nuclear power plants, seaports, borders, and even hospitals is equipped with radiation monitoring devices. This equipment detects and prevents threats ranging from nuclear material smuggling to radiation contamination.
The purpose of this talk is to provide a comprehensive description of the technical details and approach used to discover multiple vulnerabilities that affect widely deployed radiation monitoring devices, involving software and firmware reverse engineering, RF analysis, and hardware hacking.
Ruben Santamarta is experienced in network penetration and web application testing, reverse engineering, industrial control systems, transportation, RF, embedded systems, AMI, vulnerability research, exploit development, and malware analysis. As a principal consultant at IOActive, Mr. Santamarta performs penetration testing, identifies system vulnerabilities and researches cutting-edge technologies. Mr. Santamarta has performed security services and penetration tests for numerous global organizations and a wide range of financial, technical, and educational institutions. He has presented at international conferences including Ekoparty, 4SICS, and Black Hat USA.