UPDATED 05:03 EDT / JANUARY 17 2013

NEWS

US Power Plant Shut Down by Malware-Infected USB Stick

In a case that bears strong similarities to the highly publicized Stuxnet attack on Iran, two US power plants have befallen the same fate, becoming infected with malware via USB sticks, according to the Department of Homeland Security.

In one of the two cases, both of which occurred last year, it’s believed that a technician working for an outside contractor unwittingly introduced malware designed to steal personal information after using his own USB stick. The incident led to the power plant being taken offline for three weeks before the virus could be eliminated.

“When the IT employee inserted the drive into a computer with up-to-date antivirus software, the antivirus software produced three positive hits. Initial analysis caused particular concern when one sample was linked to known sophisticated malware,” said the DHS Computer Readiness Emergency Team (ICS-CERT) in its report.

Here with more analysis on the news is Contributing Editor John Cassaretto, who appeared on this morning’s NewsDesk segment with Kristin Feledy.  The article continues below:

Researchers say that the malware was later discovered on two engineering work stations that perform critical tasks relating to the control of the power station. Because neither of these stations had any effective back up, the power plant was taken offline for three weeks.

ICS-CERT also says that a second power plant was infected by a similar method, only this time the virus is believed to have been more sophisticated. It said that this infection led to ten computers in a turbine control system becoming infected.

Researchers didn’t reveal too much about the nature of the malware, but they stressed that the two incidents highlighted the need for better controls over the use of removable media in critical installations like power plants.

“ICS-CERT continues to emphasize that owners and operators of critical infrastructure should develop and implement baseline security policies for maintaining up-to-date antivirus definitions, managing system patching, and governing the use of removable
media,” said the report.

“Such practices will mitigate many issues that could lead to extended system downtimes.”

ICS-CERT warned that USB sticks are a notoriously simply but effective way for hackers to gain entry to critical industrial installations, saying that it expected further such incidents to take place in future. The use of USB sticks as a means of entry was highlighted last year, when it was revealed that both the Stuxnet worm and the Flame malware had infected Iranian nuclear facilities in the same way.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU