Onze CFP is geopend! [Evenement] [CFP-portaal] [CFP details en tips]

Willem Westerhof - How an intern hacked the power grid


The Horus scenario, is a scenario describing a large scale cyber attack targeting the vital electrical infrastructure. This scenario was both theoretically and practically proven to exist during the thesis of Willem Westerhof.

Horus is an ancient Egyptian god, referred to in many different ways, which is in most cases related to the heavens or the sun. In mythology, one of his eyes stands for the sun, the other one of his eyes stands for the moon. The Horus scenario focuses on a cyber attack on PhotoVoltaic-installations (solar energy systems) and “recreates” the impact that a Solar eclipse has on the stability of the power grid, hence the reference to the old god.

In essence, this means that a scenario was created and proven where a malicious hacker targets the electrical grid by focusing on PV-installations and succeeds in causing large scale (Nation-wide or even continental) power outages. If this attack is ever truly executed in the wild, it is expected to cost billions of euros and have a direct and severe impact on everybody’s lives.


As a graduate with honours this (former)student performed serious ethical hacking work on PV-installations. He ended up disclosing a large number of vulnerabilities to the specific vendor, and mathematically proving that it was possible to cause large scale (nation-wide/continental wide) power outages using the discovered vulnerabilities.

Following his study he has worked as an ethical hacker/security specialist and done work on a large number of companies, different sectors, and specific products. He was also requested to advise the dutch national government (2e kamer) department of justice and safety regarding cyber security issues and how to deal with them.

He currently leads a small team of ethical hackers for the offensive security centre at ITsec security services. In addition, he provides workshops and trainings, performs penetration tests/vulnerability assessments, does research on password cracking and public speaking from time to time.



PDF-icoon Presentatie