News / USA

Malicious Virus Shuttered US Power Plant

Computer keyboard Computer keyboard
x
Computer keyboard
Computer keyboard
Reuters
A computer virus attacked a turbine control system at a U.S. power company last fall when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a report posted on a U.S. government website.
       
The Department of Homeland Security report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident.
       
It was introduced by an employee of a third-party contractor that does business with the utility, according to the agency.
       
DHS reported the incident, which occurred in October, along with a second involving a more sophisticated virus, on its website as cyber experts gather at a high-profile security conference in Miami known as S4 to review emerging threats against power plants, water utilities and other parts of the critical infrastructure.
       
In addition to not identifying the plants, a DHS spokesman declined to say where they are located.
       
Interest in the area has surged since 2010 when the Stuxnet computer virus was used to attack Iran's nuclear program. Although the United States and Israel were widely believed to be behind Stuxnet, experts believe that hackers may be copying the technology to develop their own viruses.
       
Justin W. Clarke, a security researcher with a firm known as Cylance that helps protect utilities against cyber attacks, noted that experts believe Stuxnet was delivered to its target in Iran via a USB drive. Attackers use that technique to place malicious software on computer systems that are ``air gapped,'' or cut off from the public Internet.
       
``This is yet another stark reminder that even if a true 'air gap' is in place on a control network, there are still ways that malicious targeted or unintentional random infection can occur,'' he said.
       
Aging Systems       

Many critical infrastructure control systems run on Windows XP and Windows 2000, operating systems that were designed more than a decade ago. They have ``auto run'' features enabled by default, which makes them an easy target for infection because malicious software loads as soon as a USB is plugged into the system unless operators change that setting, Clarke said.
       
The Department of Homeland Security's Industrial Control Systems Cyber Emergence Response Team (ICS-CERT), which helps protect critical U.S. infrastructure, described the incident in a quarterly newsletter that was accessed via its website on Wednesday.
       
The report from ICS-CERT described a second incident in which it said it had recently sent technicians to clean up computers infected by common as well as ``sophisticated'' viruses on workstations that were critical to the operations of a power generation facility.
       
The report did not say who the agency believed was behind the sophisticated virus or if it was capable of sabotage. DHS uses the term "sophisticated'' to describe a wide variety of malicious software that is designed to do things besides commit routine cyber crimes. They include viruses capable of espionage and sabotage.
       
A DHS spokesman could not immediately be reached to comment on the report.
       
The Department of Homeland Security almost never identifies critical infrastructure operators that are hit by viruses, or even their locations, but it does provide statistics.
       
It said ICS-CERT responded to 198 cyber incidents reported by energy companies, public water districts and other infrastructure facilities in the fiscal year ending Sept. 30, 2012.
       
Attacks against the energy sector represented 41 percent of the total number of incidents in fiscal 2012. According to the report, ICS-CERT helped 23 oil and natural gas sector organizations after they were hit by a targeted spear-phishing campaign - when emails with malicious content are specifically targeted at their employees.
       
The water sector had the second highest number of incidents,
 representing 15 percent.

You May Like

China May Be Biggest Winner From Ukraine Crisis

Missile sales, oil and gas shipments are among many areas that may drive Beijing and Moscow closer together in coming years More

Obama Faces Chaotic World, Limits of Power

Current foreign policy issues bring into focus challenges for US policymakers who are mindful of Americans' waning appetite for overseas military engagements More

SADC Meeting Lesotho Officials to Resolve Stalemate

Official says regional bloc has been engaged with leaders in Lesotho to resolve political disagreement that led to coup attempt More

This forum has been closed.
Comment Sorting
Comments
     
by: Timur Tyncherov
January 23, 2013 9:50 AM
Laugh and cry at the same time. Any half-competent sysadmin would not allow the auto-run feature to be enabled on the control network of a critical infrastructure facility. And any competent sysadmin would set up the access rights in a way that prevents “an employee of a third-party contractor” from running the malicious software on a critical workstation. And yes, it IS possible even on Windows XP/2000.


by: Christopher Hobe Morrison from: Pine Bush, NY, USA
January 16, 2013 9:39 PM
Uhhhh, computers not connected to the internet to prevent them from being infected, and somebody inserted an infected USB into the computer?

Didn't somebody run a check on something that was going to be used like that? Are outside people allowed to do things that might result in that sort of thing happening?

Featured Videos

Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
West Africa Ebola Vaccine Trials Possible by Early 2015i
X
Carol Pearson
August 30, 2014 7:14 PM
A U.S. health agency is speeding up clinical trials of a possible vaccine against the deadly Ebola virus that so far has killed more than 1,500 people in West Africa. If successful, the next step would be a larger trial in countries where the outbreak is occurring. VOA's Carol Pearson has more.
Video

Video West Africa Ebola Vaccine Trials Possible by Early 2015

A U.S. health agency is speeding up clinical trials of a possible vaccine against the deadly Ebola virus that so far has killed more than 1,500 people in West Africa. If successful, the next step would be a larger trial in countries where the outbreak is occurring. VOA's Carol Pearson has more.
Video

Video Survivors Commemorate 70th Anniversary of Nazi Liquidation of Jewish Ghetto

When the German Nazi army occupied the Polish city of Lodz in 1939, it marked the beginning of a long nightmare for the Jewish community that once made up one third of the population. Roughly 200,000 people were forced into the Lodz Ghetto. Less than 7,000 survived. As VOA’s Kane Farabaugh reports, some survivors gathered at the Union League Club in Chicago on the 70th anniversary of the liquidation of the Lodz Ghetto to remember those who suffered at the hands of the Nazi regime.
Video

Video Cost to Raise Child in US Continues to Rise

The cost of raising a child in the United States continues to rise. In its latest annual report, the U.S. Department of Agriculture says middle income families with a child born in 2013 can expect to spend more than $240,000 before that child turns 18. And sending that child to college more than doubles that amount. VOA’s Deborah Block visited with a couple with one child in Alexandria, Virginia, to learn if the report reflects their lifestyle.
Video

Video Chaotic Afghan Vote Recount Threatens Nation’s Future

Afghanistan’s troubled presidential election continues to be rocked by turmoil as an audit of the ballots drags on. The U.N. says the recount will not be completed before September 10. Observers say repeated disputes and delays are threatening the orderly transfer of power and could have dangerous consequences. VOA correspondent Meredith Buel reports.
Video

Video Ukraine Battles Pro-Russia Rebel Assault

After NATO concluded an emergency meeting to discuss the crisis in eastern Ukraine, the country is struggling to contain heavy fighting near the strategic port of Mariupol, on the Azov Sea. Separatist rebels are trying to capture the city, allegedly with Russian military help, and Ukraine's defense forces are digging in. VOA's Daniel Schearf spoke with analysts about what lies ahead for Ukraine.
Video

Video Growing Business Offers Paint with a Twist of Wine

Two New Orleans area women started a small business seven years ago with one thing in mind: to help their neighbors relieve the stress of coping with a hurricane's aftermath. Today their business, which pairs painting and a little bit of wine, has become one of the fastest growing franchises across the U.S. VOA’s June Soh met the entrepreneurs at their newest franchise location in the Washington suburbs.
Video

Video Ebola Vaccine Trials To Begin Next Week

The National Institutes of Health says it is launching early stage trials of a vaccine to prevent the Ebola virus, which has infected or killed thousands of people across West Africa. The World Health Organization says Ebola could infect more than 20,000 people across the region by the time the outbreak is over. The epidemic has health experts and governments scrambling to prevent more people from becoming infected. Zlatica Hoke has more.
Video

Video Asian Bacteria Threatens Florida Orange Trees

Florida's citrus fruit industry is facing a serious threat from a bacteria carried by the Asian insect called psyllid. The widespread infestation again highlights the danger of transferring non-native species to American soil. VOA’s George Putic reports.
Video

Video Aging Will Reduce Economic Growth Worldwide in Coming Decades

The world is getting older, fast. And as more people retire each year, fewer working-age people will be there to replace them. Bond rating agency Moody’s says that will lead to a decline in household savings; reducing global investments - which in turn, will lead to slower economic growth around the world. But experts say it’s not too late to mitigate the economic impact of the world’s aging populations. Mil Arcega has more.
Video

Video Is West Doing Enough to Tackle Islamic State?

U.S. President Barack Obama has ruled out sending ground troops to Iraq to fight militants of the so-called Islamic State, or ISIS, despite officials in Washington describing the extremist group as the biggest threat the United States has faced in years. Henry Ridgwell reports from London on the growing uncertainty over whether the West’s response to ISIS will be enough to defeat the terrorist threat.
Video

Video Coalition to Fight Islamic State Could Reward Assad

The United States along with European and Mideast allies are considering a broader assault against Islamic State fighters who have spread from Syria into Iraq and risk further destabilizing an already troubled region. But as VOA State Department Correspondent Scott Stearns reports, confronting those militants could end up helping the embattled Syrian President Bashar al-Assad.
Video

Video Made in America Socks Get Toehold in Online Fashion Market

Three young entrepreneurs are hoping to revolutionize the high-end sock industry by introducing all-American creations of their own. And they’re doing most of it the old-fashioned way. VOA’s Julie Taboh recently caught up with them to learn what goes into making their one-of-a-kind socks.
Video

Video Americans, Ex-Pats Send Relief Supplies to West Africa

Health organizations from around the world are sending supplies and specialists to the West African countries that are dealing with the worst Ebola outbreak in history. On a smaller scale, ordinary Americans and African expatriates living in the United States are doing the same. VOA's Carol Pearson reports.

AppleAndroid