9.3. Unauthorized Access
Our last case study looks at a physical penetration test I did for a university in London. It may seem a little unfair to include a college; they're not exactly known for being high-security facilities, however this particular college hosted a powerful supercomputing center that was outsourced to do spatial modeling for the military, specifically to assess the effects of different classes of nuclear warheads in an urban environment modeled on the city. It unnerved me a little to know that such testing still goes on but at least these days it's modeled in computers rather than in actual urban environments.
Most of the university was just like any other: an open campus with stucco buildings and young idealistic students (who would probably freak if they knew the sort of research that took place under their noses). Tucked away from prying eyes a few select graduate students and government scientists were laboring away on a top-secret project. How far away from prying eyes was where we came in.
9.3.1. The Mission
It was an interesting assignment. We had three weeks to access data relating to the project on the IBM Bluegene and a completely open scope to do it. We were permitted to use any means we saw fit to gain access; after all, foreign intelligence services were unlikely to restrict themselves to a few port scans and other low-level hack attacks. Ultimately, physically penetrating the facility was likely to yield the best results.
9.3.2. Information ...
