Documentation
Overview
Package main models a Volt Typhoon-style network infrastructure destruction attack against a regional ISP backbone. An APT compromises the centralised TACACS+ authentication server, gaining CLI access to every Juniper device, then executes `request system zeroize media` — physically overwriting all storage media and permanently bricking the devices.
Unlike ransomware (potentially reversible) or SCADA manipulation (software-level), zeroize destroys the device at a hardware level. Recovery requires physical replacement (weeks of supply chain lead time) plus configuration restoration from backups — which are themselves unreachable because the network that connects to them has been destroyed.
Model 9 in "Protecting Critical Infrastructure" by Darragh Downey.
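A detection sketch for the pattern this model describes, added here as an example and not part of the package: it scans TACACS+ command-accounting records for one account issuing `request system zeroize` on several devices within a short window. The `AcctRecord` type, the `ZeroizeBursts` function, the account and device names, and the thresholds are hypothetical, and the sample records are constructed.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// AcctRecord is a simplified, hypothetical TACACS+ command-accounting record.
type AcctRecord struct {
	Time              time.Time
	User, Device, Cmd string
}

// ZeroizeBursts returns each user who ran "request system zeroize" on at least
// minDevices distinct devices within window. Matching ignores case and extra
// whitespace. recs must be sorted by time.
func ZeroizeBursts(recs []AcctRecord, window time.Duration, minDevices int) (flagged []string) {
	var hits []AcctRecord
	for _, r := range recs {
		cmd := strings.Join(strings.Fields(strings.ToLower(r.Cmd)), " ")
		if strings.HasPrefix(cmd, "request system zeroize") {
			hits = append(hits, r)
		}
	}
	done := map[string]bool{}
	for i, a := range hits {
		devs := map[string]bool{} // devices this user zeroized within the window
		for _, b := range hits[i:] {
			if b.User == a.User && b.Time.Sub(a.Time) <= window {
				devs[b.Device] = true
			}
		}
		if len(devs) >= minDevices && !done[a.User] {
			done[a.User] = true
			flagged = append(flagged, a.User)
		}
	}
	return flagged
}

func main() {
	t0 := time.Date(2024, 1, 1, 2, 0, 0, 0, time.UTC) // constructed sample data
	recs := []AcctRecord{
		{t0, "noc-alice", "pe1", "show chassis hardware"},
		{t0.Add(10 * time.Second), "svc-auto", "pe1", "request system zeroize media"},
		{t0.Add(20 * time.Second), "svc-auto", "pe2", "Request  system  zeroize media"},
		{t0.Add(48 * time.Hour), "noc-alice", "lab1", "request system zeroize"},
	}
	fmt.Println(ZeroizeBursts(recs, 5*time.Minute, 2))
}
```

A single zeroize on one device, such as a lab decommission, stays below the threshold; the alert fires only when the same account repeats the command across devices inside the window.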