Slammer (Jan 03) Crashed Ohio Nuke Plant
The article shows how network admins do not understand the connectivity of their networks, which then allows customer networks and VPN clients to bypass external-facing access control:
"It began by penetrating the unsecured network of an unnamed Davis-Besse contractor, then squirmed through a T1 line bridging that network and Davis-Besse's corporate network. The T1 line, investigators later found, was one of multiple ingresses into Davis-Besse's business network that completely bypassed the plant's firewall, which was programmed to block the port Slammer used to spread. 'This is in essence a backdoor from the Internet to the Corporate internal network that was not monitored by Corporate personnel,' reads the April NRC filing by FirstEnergy's Dale Wuokko. '[S]ome people in Corporate's Network Services department were aware of this T1 connection and some were not.'"