News / USA

    Malicious Virus Shuttered US Power Plant

    Computer keyboard Computer keyboard
    x
    Computer keyboard
    Computer keyboard
    Reuters
    A computer virus attacked a turbine control system at a U.S. power company last fall when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a report posted on a U.S. government website.
           
    The Department of Homeland Security report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident.
           
    It was introduced by an employee of a third-party contractor that does business with the utility, according to the agency.
           
    DHS reported the incident, which occurred in October, along with a second involving a more sophisticated virus, on its website as cyber experts gather at a high-profile security conference in Miami known as S4 to review emerging threats against power plants, water utilities and other parts of the critical infrastructure.
           
    In addition to not identifying the plants, a DHS spokesman declined to say where they are located.
           
    Interest in the area has surged since 2010 when the Stuxnet computer virus was used to attack Iran's nuclear program. Although the United States and Israel were widely believed to be behind Stuxnet, experts believe that hackers may be copying the technology to develop their own viruses.
           
    Justin W. Clarke, a security researcher with a firm known as Cylance that helps protect utilities against cyber attacks, noted that experts believe Stuxnet was delivered to its target in Iran via a USB drive. Attackers use that technique to place malicious software on computer systems that are ``air gapped,'' or cut off from the public Internet.
           
    ``This is yet another stark reminder that even if a true 'air gap' is in place on a control network, there are still ways that malicious targeted or unintentional random infection can occur,'' he said.
           
    Aging Systems       

    Many critical infrastructure control systems run on Windows XP and Windows 2000, operating systems that were designed more than a decade ago. They have ``auto run'' features enabled by default, which makes them an easy target for infection because malicious software loads as soon as a USB is plugged into the system unless operators change that setting, Clarke said.
           
    The Department of Homeland Security's Industrial Control Systems Cyber Emergence Response Team (ICS-CERT), which helps protect critical U.S. infrastructure, described the incident in a quarterly newsletter that was accessed via its website on Wednesday.
           
    The report from ICS-CERT described a second incident in which it said it had recently sent technicians to clean up computers infected by common as well as ``sophisticated'' viruses on workstations that were critical to the operations of a power generation facility.
           
    The report did not say who the agency believed was behind the sophisticated virus or if it was capable of sabotage. DHS uses the term "sophisticated'' to describe a wide variety of malicious software that is designed to do things besides commit routine cyber crimes. They include viruses capable of espionage and sabotage.
           
    A DHS spokesman could not immediately be reached to comment on the report.
           
    The Department of Homeland Security almost never identifies critical infrastructure operators that are hit by viruses, or even their locations, but it does provide statistics.
           
    It said ICS-CERT responded to 198 cyber incidents reported by energy companies, public water districts and other infrastructure facilities in the fiscal year ending Sept. 30, 2012.
           
    Attacks against the energy sector represented 41 percent of the total number of incidents in fiscal 2012. According to the report, ICS-CERT helped 23 oil and natural gas sector organizations after they were hit by a targeted spear-phishing campaign - when emails with malicious content are specifically targeted at their employees.
           
    The water sector had the second highest number of incidents,
     representing 15 percent.

    You May Like

    Video Obama Remembers Fallen Troops for Memorial Day

    President urges Americans this holiday weekend to 'take a moment and offer a silent word of prayer or public word of thanks' to country's veterans

    Upsurge of Migratory Traffic Across Sahara From West to North Africa

    A report by the International Organization for Migration finds more than 60,000 migrants have transited through the Agadez region of Niger between February and April

    UN Blocks Access to Journalist Advocacy Group

    United Nations has rejected bid from nonprofit journalist advocacy group that wanted 'consultative status,' ranking that would have given them greater access to UN meetings

    This forum has been closed.
    Comment Sorting
    Comments
         
    by: Timur Tyncherov
    January 23, 2013 9:50 AM
    Laugh and cry at the same time. Any half-competent sysadmin would not allow the auto-run feature to be enabled on the control network of a critical infrastructure facility. And any competent sysadmin would set up the access rights in a way that prevents “an employee of a third-party contractor” from running the malicious software on a critical workstation. And yes, it IS possible even on Windows XP/2000.

    by: Christopher Hobe Morrison from: Pine Bush, NY, USA
    January 16, 2013 9:39 PM
    Uhhhh, computers not connected to the internet to prevent them from being infected, and somebody inserted an infected USB into the computer?

    Didn't somebody run a check on something that was going to be used like that? Are outside people allowed to do things that might result in that sort of thing happening?

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    Chinese-Americans Heart Trump, Bucking National Trendi
    X
    May 27, 2016 5:57 AM
    A new study conducted by three Asian-American organizations shows there are three times as many Democrats as there are Republicans among Asian-American voters, and they favor Hillary Clinton over Donald Trump. But one group, called Chinese-Americans For Trump, is going against the tide and strongly supports the business tycoon. VOA’s Elizabeth Lee caught up with them at a Trump rally and reports from Anaheim, California.
    Video

    Video Chinese-Americans Heart Trump, Bucking National Trend

    A new study conducted by three Asian-American organizations shows there are three times as many Democrats as there are Republicans among Asian-American voters, and they favor Hillary Clinton over Donald Trump. But one group, called Chinese-Americans For Trump, is going against the tide and strongly supports the business tycoon. VOA’s Elizabeth Lee caught up with them at a Trump rally and reports from Anaheim, California.
    Video

    Video Reactions to Trump's Success Polarized Abroad

    What seemed impossible less than a year ago is now almost a certainty. New York real estate mogul Donald Trump has won the number of delegates needed to secure the Republican presidential nomination. The prospect has sparked as much controversy abroad as it has in the United States. Zlatica Hoke has more.
    Video

    Video Drawings by Children in Hiroshima Show Hope and Peace

    On Friday, President Barack Obama will visit Hiroshima, Japan, the first American president to do so while in office. In August 1945, the United States dropped an atomic bomb on the city to force Japan's surrender in World War II. Although their city lay in ruins, some Hiroshima schoolchildren drew pictures of hope and peace. The former students and their drawings are now part of a documentary called “Pictures from a Hiroshima Schoolyard.” VOA's Deborah Block has the story.
    Video

    Video Vietnamese Rapper Performs for Obama

    A prominent young Vietnamese artist told President Obama said she faced roadblocks as a woman rapper, and asked the president about government support for the arts. He asked her to rap, and he even offered to provide a base beat for her. Watch what happened.
    Video

    Video Roots Run Deep for Tunisia's Dwindling Jewish Community

    This week, hundreds of Jewish pilgrims are defying terrorist threats to celebrate an ancient religious festival on the Tunisian island of Djerba. The festivities cast a spotlight on North Africa's once-vibrant Jewish population that has all but died out in recent decades. Despite rising threats of militant Islam and the country's battered economy, one of the Arab world's last Jewish communities is staying put and nurturing a new generation. VOA’s Lisa Bryant reports.
    Video

    Video Meet Your New Co-Worker: The Robot

    Increasing numbers of robots are joining the workforce, as companies scale back and more processes become automated. The latest robots are flexible and collaborative, built to work alongside humans as opposed to replacing them. VOA’s Tina Trinh looks at the next generation of automated employees helping out their human colleagues.
    Video

    Video Wheelchair Technology in Tune With Times

    Technologies for the disabled, including wheelchair technology, are advancing just as quickly as everything else in the digital age. Two new advances in wheelchairs offer improved control and a more comfortable fit. VOA's George Putic reports.
    Video

    Video Baby Boxes Offer Safe Haven for Unwanted Children

    No one knows exactly how many babies are abandoned worldwide each year. The statistic is a difficult one to determine because it is illegal in most places. Therefore unwanted babies are often hidden and left to die. But as Erika Celeste reports from Woodburn, Indiana, a new program hopes to make surrendering infants safer for everyone.
    Video

    Video California Celebration Showcases Local Wines, Balloons

    Communities in the U.S. often hold festivals to show what makes them special. In California, for example, farmers near Fresno celebrate their figs and those around Gilmore showcase their garlic. Mike O'Sullivan reports that the wine-producing region of Temecula offers local vintages in an annual festival where rides on hot-air balloons add to the excitement.
    Video

    Video US Elementary School Offers Living Science Lessons

    Zero is not a good score on a test at school. But Discovery Elementary is proud of its “net zero” rating. Net zero describes a building in which the amount of energy provided by on-site renewable sources equals the amount of energy the building uses. As Faiza Elmasry tells us, the innovative features in the building turn the school into a teaching tool, where kids can't help but learn about science and sustainability. Faith Lapidus narrates.

    Special Report

    Adrift The Invisible African Diaspora