News / USA

Malicious Virus Shuttered US Power Plant

Computer keyboardComputer keyboard
x
Computer keyboard
Computer keyboard
Reuters
A computer virus attacked a turbine control system at a U.S. power company last fall when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a report posted on a U.S. government website.
       
The Department of Homeland Security report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident.
       
It was introduced by an employee of a third-party contractor that does business with the utility, according to the agency.
       
DHS reported the incident, which occurred in October, along with a second involving a more sophisticated virus, on its website as cyber experts gather at a high-profile security conference in Miami known as S4 to review emerging threats against power plants, water utilities and other parts of the critical infrastructure.
       
In addition to not identifying the plants, a DHS spokesman declined to say where they are located.
       
Interest in the area has surged since 2010 when the Stuxnet computer virus was used to attack Iran's nuclear program. Although the United States and Israel were widely believed to be behind Stuxnet, experts believe that hackers may be copying the technology to develop their own viruses.
       
Justin W. Clarke, a security researcher with a firm known as Cylance that helps protect utilities against cyber attacks, noted that experts believe Stuxnet was delivered to its target in Iran via a USB drive. Attackers use that technique to place malicious software on computer systems that are ``air gapped,'' or cut off from the public Internet.
       
``This is yet another stark reminder that even if a true 'air gap' is in place on a control network, there are still ways that malicious targeted or unintentional random infection can occur,'' he said.
       
Aging Systems       

Many critical infrastructure control systems run on Windows XP and Windows 2000, operating systems that were designed more than a decade ago. They have ``auto run'' features enabled by default, which makes them an easy target for infection because malicious software loads as soon as a USB is plugged into the system unless operators change that setting, Clarke said.
       
The Department of Homeland Security's Industrial Control Systems Cyber Emergence Response Team (ICS-CERT), which helps protect critical U.S. infrastructure, described the incident in a quarterly newsletter that was accessed via its website on Wednesday.
       
The report from ICS-CERT described a second incident in which it said it had recently sent technicians to clean up computers infected by common as well as ``sophisticated'' viruses on workstations that were critical to the operations of a power generation facility.
       
The report did not say who the agency believed was behind the sophisticated virus or if it was capable of sabotage. DHS uses the term "sophisticated'' to describe a wide variety of malicious software that is designed to do things besides commit routine cyber crimes. They include viruses capable of espionage and sabotage.
       
A DHS spokesman could not immediately be reached to comment on the report.
       
The Department of Homeland Security almost never identifies critical infrastructure operators that are hit by viruses, or even their locations, but it does provide statistics.
       
It said ICS-CERT responded to 198 cyber incidents reported by energy companies, public water districts and other infrastructure facilities in the fiscal year ending Sept. 30, 2012.
       
Attacks against the energy sector represented 41 percent of the total number of incidents in fiscal 2012. According to the report, ICS-CERT helped 23 oil and natural gas sector organizations after they were hit by a targeted spear-phishing campaign - when emails with malicious content are specifically targeted at their employees.
       
The water sector had the second highest number of incidents,
 representing 15 percent.

You May Like

Tired of Waiting, South Africans Demand Change ‘Now’

With chronic poverty and lack of basic services largely fueling recent xenophobic attacks, many in Rainbow Nation say it’s time for government to act More

Challenges Ahead for China's Development Plans in Pakistan

Planned $46 billion in energy and infrastructure investments in Pakistan are aimed at transforming the country into a regional hub for trade and investment More

Audio 'Forbidden City' Revisits Little Known Era of Asian-American Entertainment

Little-known chapter of entertainment history captured in 80s documentary is revisited in new digitally remastered format and book More

This forum has been closed.
Comment Sorting
Comments
     
by: Timur Tyncherov
January 23, 2013 9:50 AM
Laugh and cry at the same time. Any half-competent sysadmin would not allow the auto-run feature to be enabled on the control network of a critical infrastructure facility. And any competent sysadmin would set up the access rights in a way that prevents “an employee of a third-party contractor” from running the malicious software on a critical workstation. And yes, it IS possible even on Windows XP/2000.

by: Christopher Hobe Morrison from: Pine Bush, NY, USA
January 16, 2013 9:39 PM
Uhhhh, computers not connected to the internet to prevent them from being infected, and somebody inserted an infected USB into the computer?

Didn't somebody run a check on something that was going to be used like that? Are outside people allowed to do things that might result in that sort of thing happening?

Featured Videos

Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
Study: Insecticide Damaging Wild Bee Populationsi
X
April 24, 2015 10:13 PM
A popular but controversial type of insecticide is damaging important wild bee populations, according to a new study. VOA’s Steve Baragona has more.
Video

Video Study: Insecticide Damaging Wild Bee Populations

A popular but controversial type of insecticide is damaging important wild bee populations, according to a new study. VOA’s Steve Baragona has more.
Video

Video Data Servers Could Heat Private Homes

As every computer owner knows, when their machines run a complex program they get pretty hot. In fact, cooling the processors can be expensive, especially when you're dealing with huge banks of computer servers. But what if that energy could heat private homes? VOA’s George Putic reports that a Dutch energy firm aims to do just that.
Video

Video Cinema That Crosses Borders Showcased at Tribeca Film Festival

Among the nearly 100 feature length films being shown at this year’s Tribeca Film Festival in New York City are more than 20 documentaries and features with international appeal, from a film about a Congolese businessman in China, to documentaries shot in Pakistan and diaspora communities in the U.S., to a poetic look at disaffected South African youth. VOA’s Carolyn Weaver has more.
Video

Video UN Confronts Threat of Young Radicals

The radicalization and recruitment of young people into Islamist extremist groups has become a growing challenge for governments worldwide. On Thursday, the U.N. Security Council heard from experts on the issue, which has become a potent threat to international peace and security. VOA’s Margaret Besheer reports.
Video

Video Growing Numbers of Turks Discover Armenian Ancestry

In a climate of improved tolerance, growing numbers of people in Turkey are discovering their grandmothers were Armenian. Hundreds of thousands of Armenians escaped the mass deportations and slaughter of the early 1900's by forced conversion to Islam. Or, Armenian children were taken in by Turkish families and assimilated. Now their stories are increasingly being heard. Dorian Jones reports from Istanbul that the revelations are viewed as an important step.
Video

Video Migrants Trek Through Western Balkans to Reach EU

Migrants from Africa and other places are finding different routes into the European Union in search of a better life. The Associated Press followed one clandestine group to document their trek through the western Balkans to Hungary. Zlatica Hoke reports that the migrants started using that route about four years ago. Since then, it has become the second-most popular path into Western Europe, after the option of sailing from North Africa to Italy.
Video

Video TIME Magazine Honors Activists, Pioneers Seen as Influential

TIME Magazine has released its list of celebrities, leaders and activists, whom it deems the world’s “most influential” in 2015. VOA's Ramon Taylor reports from New York.
Video

Video US Businesses See Cuba as New Frontier

The Obama administration's opening toward Cuba is giving U.S. companies hope they'll be able to do business in Cuba despite the continuation of the U.S. economic embargo against the communist nation. Some American companies have been able to export some products to Cuba, but the recent lifting of Cuba's terrorism designation could relax other restrictions. As VOA's Daniela Schrier reports, corporate heavy hitters are lining up to head across the Florida Straits - though experts urge caution.
Video

Video Kenya Launches Police Recruitment Drive After Terror Attacks

Kenya launched a major police recruitment drive this week as part of a large-scale effort to boost security following a recent spate of terror attacks. VOA’s Gabe Joselow reports that allegations of corruption in the process are raising old concerns about the integrity of Kenya’s security forces.
Video

Video Japan, China in Race for Asia High-Speed Rail Projects

A lucrative competition is underway in Asia for billions of dollars in high-speed rail projects. Cambodia, India, Indonesia, Malaysia Thailand and Vietnam are among the countries planning to move onto the fast track. They are negotiating with Japan and the upstart Chinese who are locked in a duel to revolutionize transportation across Asia. VOA Correspondent Steve Herman in Bangkok has details.
Video

Video Scientists: Mosquitoes Attracted By Our Genes

Some people always seem to get bitten by mosquitoes more than others. Now, scientists have proved that is really the case - and they say it’s all because of genes. It’s hoped the research might lead to new preventative treatments for diseases like malaria, as Henry Ridgwell reports from London.
Video

Video Bible Museum Coming to Washington DC

Washington is the center of American political power and also home to some of the nation’s most visited museums. A new one that will showcase the Bible has skeptics questioning the motives of its conservative Christian funders. VOA religion correspondent Jerome Socolovsky reports.
Video

Video Armenia and Politics of Word 'Genocide'

A century ago this April, hundreds of thousands of Armenians of the Turkish Ottoman empire were deported and massacred, and their culture erased from their traditional lands. While broadly accepted by the U.N. and at least 20 countries as “genocide”, the United States and Turkey have resisted using that word to describe the atrocities that stretched from 1915 to 1923. But Armenians have never forgotten.
Video

Video Afghan First Lady Pledges No Roll Back on Women's Rights

Afghan First Lady Rula Ghani, named one of Time's 100 Most Influential, says women should take part in talks with Taliban. VOA's Rokhsar Azamee has more from Kabul.
Video

Video New Brain Mapping Techniques Could Ease Chronic Pain

From Boulder, Colorado, Shelley Schlender reports that new methods for mapping pain in the brain are providing validation for chronic pain and might someday guide better treatment.

VOA Blogs