News / USA

Malicious Virus Shuttered US Power Plant

Computer keyboard Computer keyboard
x
Computer keyboard
Computer keyboard
TEXT SIZE - +
Reuters
— A computer virus attacked a turbine control system at a U.S. power company last fall when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a report posted on a U.S. government website.
       
The Department of Homeland Security report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident.
       
It was introduced by an employee of a third-party contractor that does business with the utility, according to the agency.
       
DHS reported the incident, which occurred in October, along with a second involving a more sophisticated virus, on its website as cyber experts gather at a high-profile security conference in Miami known as S4 to review emerging threats against power plants, water utilities and other parts of the critical infrastructure.
       
In addition to not identifying the plants, a DHS spokesman declined to say where they are located.
       
Interest in the area has surged since 2010 when the Stuxnet computer virus was used to attack Iran's nuclear program. Although the United States and Israel were widely believed to be behind Stuxnet, experts believe that hackers may be copying the technology to develop their own viruses.
       
Justin W. Clarke, a security researcher with a firm known as Cylance that helps protect utilities against cyber attacks, noted that experts believe Stuxnet was delivered to its target in Iran via a USB drive. Attackers use that technique to place malicious software on computer systems that are ``air gapped,'' or cut off from the public Internet.
       
``This is yet another stark reminder that even if a true 'air gap' is in place on a control network, there are still ways that malicious targeted or unintentional random infection can occur,'' he said.
       
Aging Systems       

Many critical infrastructure control systems run on Windows XP and Windows 2000, operating systems that were designed more than a decade ago. They have ``auto run'' features enabled by default, which makes them an easy target for infection because malicious software loads as soon as a USB is plugged into the system unless operators change that setting, Clarke said.
       
The Department of Homeland Security's Industrial Control Systems Cyber Emergence Response Team (ICS-CERT), which helps protect critical U.S. infrastructure, described the incident in a quarterly newsletter that was accessed via its website on Wednesday.
       
The report from ICS-CERT described a second incident in which it said it had recently sent technicians to clean up computers infected by common as well as ``sophisticated'' viruses on workstations that were critical to the operations of a power generation facility.
       
The report did not say who the agency believed was behind the sophisticated virus or if it was capable of sabotage. DHS uses the term "sophisticated'' to describe a wide variety of malicious software that is designed to do things besides commit routine cyber crimes. They include viruses capable of espionage and sabotage.
       
A DHS spokesman could not immediately be reached to comment on the report.
       
The Department of Homeland Security almost never identifies critical infrastructure operators that are hit by viruses, or even their locations, but it does provide statistics.
       
It said ICS-CERT responded to 198 cyber incidents reported by energy companies, public water districts and other infrastructure facilities in the fiscal year ending Sept. 30, 2012.
       
Attacks against the energy sector represented 41 percent of the total number of incidents in fiscal 2012. According to the report, ICS-CERT helped 23 oil and natural gas sector organizations after they were hit by a targeted spear-phishing campaign - when emails with malicious content are specifically targeted at their employees.
       
The water sector had the second highest number of incidents,
 representing 15 percent.

You May Like

Algerians Vote in Presidential Election

There were few media reports of protests and clashes around the country, but so far no significant violence More

Sharks More Evolved than Previously Thought

The discovery could “profoundly affect our understanding of evolutionary history” More

Pakistan Military Asked to Protect Polio Workers

Request comes as authorities say a Taliban ban on vaccinations in 2012 and deadly attacks on anti-polio teams have prevented thousands of children from getting inoculated More

This forum has been closed.
Comment Sorting
Comments
     
by: Timur Tyncherov
January 23, 2013 9:50 AM
Laugh and cry at the same time. Any half-competent sysadmin would not allow the auto-run feature to be enabled on the control network of a critical infrastructure facility. And any competent sysadmin would set up the access rights in a way that prevents “an employee of a third-party contractor” from running the malicious software on a critical workstation. And yes, it IS possible even on Windows XP/2000.


by: Christopher Hobe Morrison from: Pine Bush, NY, USA
January 16, 2013 9:39 PM
Uhhhh, computers not connected to the internet to prevent them from being infected, and somebody inserted an infected USB into the computer?

Didn't somebody run a check on something that was going to be used like that? Are outside people allowed to do things that might result in that sort of thing happening?

Featured Videos

Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
Google Buys Drone Companyi
|| 0:00:00
...
 
🔇
X
George Putic
April 15, 2014
In its latest purchase of high-tech companies, Google has acquired a manufacturer of solar-powered drones that can stay in the air almost indefinitely, relaying broadband Internet connection to remote areas. It is seen as yet another step in the U.S. based Web giant’s bid to bring Internet to the whole world. VOA’s George Putic reports.
Video

Video Google Buys Drone Company

In its latest purchase of high-tech companies, Google has acquired a manufacturer of solar-powered drones that can stay in the air almost indefinitely, relaying broadband Internet connection to remote areas. It is seen as yet another step in the U.S. based Web giant’s bid to bring Internet to the whole world. VOA’s George Putic reports.
Video

Video Ray Bonneville Sings the Blues and More on New CD

Singer/songwriter Ray Bonneville has released a new CD called “Easy Gone” with music that reflects his musical and personal journey from French-speaking Canada to his current home in Austin,Texas. The eclectic artist’s fan base extends from Texas to various parts of North America and Europe. VOA’s Greg Flakus reports from Austin.
Video

Video Millions Labor in Pakistan's Informal Economy

The World Bank says that in Pakistan, roughly 70 percent work in the so-called informal sector, a part of the economy that is unregulated and untaxed. VOA's Sharon Behn reports from Islamabad on how the informal sector impact's the Pakistani economy.
Video

Video Passover Celebrates Liberation from Bondage

Jewish people around the world are celebrating Passover, a commemoration of their liberation from slavery in Egypt more than 3,300 years ago. According to scripture, God helped the Jews, led by Moses, escape bondage in Egypt and cross the Red Sea into the desert. Zlatica Hoke reports that the story of the Jewish Exodus resonates with other people trying to escape slave-like conditions.
Video

Video Police Pursue Hate Crime Charges Against Kansas Shooting Suspect

Prosecutors are sifting through the evidence in the wake of Sunday’s shootings in a suburb of Kansas City, Missouri that left three people dead. A suspect in the shootings taken into custody is a white supremacist. As VOA’s Kane Farabaugh reports, he was well-known to law enforcement agencies and human rights groups alike.
Video

Video In Eastern Ukraine, Pro-unity Activists Emerge from Shadows

Amid the pro-Russian uprisings in eastern Ukraine, there is a large body of activists who support Ukrainian unity and reject Russian intervention. Their activities have remained largely underground, but they are preparing to take on their pro-Moscow opponents, as Henry Ridgwell reports from the eastern city of Donetsk.
Video

Video Basket Maker’s Skills Have World Reach

A prestigious craft show in the U.S. capital offers one-of-a-kind creations by more than 120 artists working in a variety of media. As VOA’s Julie Taboh reports from Washington, one artist lucky enough to be selected says sharing her skills with women overseas is just as significant.
Video

Video UN Report Urges Speedier Action to Avoid Climate Disaster

A new United Nations report says the world must switch from fossil fuels to cleaner energy sources to control the effects of climate change. The Intergovernmental Panel on Climate Change released the report (Sunday) following a meeting of scientists and government representatives in Berlin. The comprehensive review follows two recent IPCC reports that detail the certainty of climate change, its impacts and in this most recent report what to do about it. VOA’s Rosanne Skirble has the details.
AppleAndroid