News / USA

Malicious Virus Shuttered US Power Plant

Computer keyboard Computer keyboard
x
Computer keyboard
Computer keyboard
Reuters
A computer virus attacked a turbine control system at a U.S. power company last fall when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a report posted on a U.S. government website.
       
The Department of Homeland Security report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident.
       
It was introduced by an employee of a third-party contractor that does business with the utility, according to the agency.
       
DHS reported the incident, which occurred in October, along with a second involving a more sophisticated virus, on its website as cyber experts gather at a high-profile security conference in Miami known as S4 to review emerging threats against power plants, water utilities and other parts of the critical infrastructure.
       
In addition to not identifying the plants, a DHS spokesman declined to say where they are located.
       
Interest in the area has surged since 2010 when the Stuxnet computer virus was used to attack Iran's nuclear program. Although the United States and Israel were widely believed to be behind Stuxnet, experts believe that hackers may be copying the technology to develop their own viruses.
       
Justin W. Clarke, a security researcher with a firm known as Cylance that helps protect utilities against cyber attacks, noted that experts believe Stuxnet was delivered to its target in Iran via a USB drive. Attackers use that technique to place malicious software on computer systems that are ``air gapped,'' or cut off from the public Internet.
       
``This is yet another stark reminder that even if a true 'air gap' is in place on a control network, there are still ways that malicious targeted or unintentional random infection can occur,'' he said.
       
Aging Systems       

Many critical infrastructure control systems run on Windows XP and Windows 2000, operating systems that were designed more than a decade ago. They have ``auto run'' features enabled by default, which makes them an easy target for infection because malicious software loads as soon as a USB is plugged into the system unless operators change that setting, Clarke said.
       
The Department of Homeland Security's Industrial Control Systems Cyber Emergence Response Team (ICS-CERT), which helps protect critical U.S. infrastructure, described the incident in a quarterly newsletter that was accessed via its website on Wednesday.
       
The report from ICS-CERT described a second incident in which it said it had recently sent technicians to clean up computers infected by common as well as ``sophisticated'' viruses on workstations that were critical to the operations of a power generation facility.
       
The report did not say who the agency believed was behind the sophisticated virus or if it was capable of sabotage. DHS uses the term "sophisticated'' to describe a wide variety of malicious software that is designed to do things besides commit routine cyber crimes. They include viruses capable of espionage and sabotage.
       
A DHS spokesman could not immediately be reached to comment on the report.
       
The Department of Homeland Security almost never identifies critical infrastructure operators that are hit by viruses, or even their locations, but it does provide statistics.
       
It said ICS-CERT responded to 198 cyber incidents reported by energy companies, public water districts and other infrastructure facilities in the fiscal year ending Sept. 30, 2012.
       
Attacks against the energy sector represented 41 percent of the total number of incidents in fiscal 2012. According to the report, ICS-CERT helped 23 oil and natural gas sector organizations after they were hit by a targeted spear-phishing campaign - when emails with malicious content are specifically targeted at their employees.
       
The water sector had the second highest number of incidents,
 representing 15 percent.

You May Like

Polls Open in Scotland Independence Vote

As race to persuade undecided voters continues, 'No' voters say they believe life in Scotland will slowly improve, 'Yes' vote not worth the risk More

China-India Border Standoff Continues as Leaders Hold Summit

New Delhi accuses hundreds of Chinese soldiers of illegally entering Indian territory in disputed region of Ladakh More

Ukrainian Activist in Despair About Future of Her Country

IrIna Dovgan, accused of being a spy and tortured by pro-Russian separatists, is appealing to UN Human Rights Council to support her country More

This forum has been closed.
Comment Sorting
Comments
     
by: Timur Tyncherov
January 23, 2013 9:50 AM
Laugh and cry at the same time. Any half-competent sysadmin would not allow the auto-run feature to be enabled on the control network of a critical infrastructure facility. And any competent sysadmin would set up the access rights in a way that prevents “an employee of a third-party contractor” from running the malicious software on a critical workstation. And yes, it IS possible even on Windows XP/2000.


by: Christopher Hobe Morrison from: Pine Bush, NY, USA
January 16, 2013 9:39 PM
Uhhhh, computers not connected to the internet to prevent them from being infected, and somebody inserted an infected USB into the computer?

Didn't somebody run a check on something that was going to be used like that? Are outside people allowed to do things that might result in that sort of thing happening?

Featured Videos

Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
A Dinosaur Fit for Land and Wateri
X
September 17, 2014 8:44 PM
Residents and tourists in Washington D.C. can now examine a life-size replica of an unusual dinosaur that lived almost a hundred million years ago in northern Africa. Scientists say studying the behemoth named Spinosaurus helps them better understand how some prehistoric animals adapted to life on land and in water. The Spinosaurus replica is on display at the National Geographic museum. VOA’s George Putic has more.
Video

Video A Dinosaur Fit for Land and Water

Residents and tourists in Washington D.C. can now examine a life-size replica of an unusual dinosaur that lived almost a hundred million years ago in northern Africa. Scientists say studying the behemoth named Spinosaurus helps them better understand how some prehistoric animals adapted to life on land and in water. The Spinosaurus replica is on display at the National Geographic museum. VOA’s George Putic has more.
Video

Video Iraqi Kurdistan Church Helps Christian Children Cope find shelter in churches in the Kurdish capital, Irbil

In the past six weeks, tens of thousands of Iraqi Christians have been forced to flee their homes by Islamic State militants and find shelter in churches in the Kurdish capital, Irbil. Despite U.S. airstrikes in the region, the prospect of people returning home is still very low and concerns are starting to grow over the impact this is having on the displaced youth. Sebastian Meyer reports from Irbil on how one church is coping.
Video

Video NASA Picks Boeing, SpaceX to Carry Astronauts Into Space

The U.S. space agency, NASA, has chosen Boeing and SpaceX companies to build the next generation of spacecraft that will carry U.S. astronauts to the International Space Station by the year 2017. The deal with private industry enables NASA to end its dependence on Russia to send space crews into low Earth orbit and back. Zlatica Hoke has more.
Video

Video Future of Ukrainian Former President's Estate Uncertain

More than six months after Ukraine's former President Viktor Yanukovych fled revolution to Russia, authorities have yet to gain control of his palatial estate. Protesters occupy the grounds and opened it to tourists but they are also refusing to turn it over to the state. VOA's Daniel Schearf reports from Mezhigirya, just north of Kyiv.
Video

Video China Muslims Work to Change Perceptions After Knife Attacks

China says its has sentenced three men to death and one woman to life in prison for a deadly knife attack in March that left more than 30 dead and 140 injured. Beijing says Muslim militants from China's restive western region of Xinjiang carried out the attacks. Now, more than six months after the incident, residents in the city are still coping with the aftermath. VOA's Bill Ide has more from Kunming.
Video

Video Enviropreneur Seeks to Save the Environment, Empower the Community

Lorna Rutto, a former banker, is now an ‘enviropreneur’ - turning plastic waste into furniture and fences discusses the challenges she faces in Africa with raw materials and the environment.
Video

Video West Trades Accusations Over Ransoms

As world leaders try to forge a common response to the threat posed by Islamic State militants in Iraq and Syria, there is simmering tension over differing policies on paying ransoms. In the past month, the jihadist group has beheaded two Americans and one Briton. Both countries refuse to pay ransom money. As Henry Ridgwell reports for VOA from London, there is uncertainty in the approach of some other European nations.
Video

Video Scotland Independence Bid Stokes Global Interest

The people of Scotland are preparing to vote on whether to become independent and break away from the rest of Britain, in a referendum being watched carefully in many other countries. Some see it as a risky experiment; while others hope a successful vote for independence might energize their own separatist demands. Foreign immigrants to Scotland have a front row seat for the vote. VOA’s Henry Ridgwell spoke to some of them in Edinburgh.


Carnage and mayhem are part of daily life in northern Nigeria, the result of a terror campaign by the Islamist group Boko Haram. Fears are growing that Nigeria’s government may not know how to counter it, and may be making things worse. More

AppleAndroid