Contact: Kenneth Billings
STARKVILLE, Miss.--A Mississippi State graduate student working with the university's Critical Infrastructure Protection Center could be nicknamed "Johnny-on-the spot."
Robert W. "Wes" McGrew of Collinsville recently discovered what is being called "a significant software vulnerability" that could allow hackers the ability to gain entry to computer control systems of numerous industries and potentially threaten national security.
Center director Ray Vaughn said the computer science doctoral student found serious flaws in software commonly used in worldwide nuclear power and oil and gas industries.
"We know that this software exists in very critical infrastructures in the U.S.," said Vaughn. "Through his research, Wes demonstrated how it was possible to obtain unauthorized access to the control system in just a few seconds.
"He then discovered how to break every encoded password in the system and how to bypass password security altogether," Vaughn added.
The National Security Agency was notified immediately of McGrew's discovery. Shortly thereafter, the Department of Homeland Security broadcast an alert that included information on how to rectify the problem.
"Wes is one of the most technical students we have and a real asset to the department of computer science and engineering," Vaughn observed. "He now also has proven himself to be an asset to the federal government."
McGrew, the son of Robert and Vickie McGrew, received MSU bachelor's and master's degrees in computer science in 2002 and 2005, respectively.
The Critical Infrastructure Protection Center is part of MSU's Bagley College of Engineering. (Visit www.security.cse.msstate.edu/cipc/.)
NEWS EDITORS/DIRECTORS: For additional information on McGrew's discovery, contact Dr. Vaughn at 325-7450 or Vaughn@cse.msstate.edu.
For more information about Mississippi State University, see http://www.msstate.edu/.