News / USA

    Malicious Virus Shuttered US Power Plant

    Computer keyboard Computer keyboard
    x
    Computer keyboard
    Computer keyboard
    Reuters
    A computer virus attacked a turbine control system at a U.S. power company last fall when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a report posted on a U.S. government website.
           
    The Department of Homeland Security report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident.
           
    It was introduced by an employee of a third-party contractor that does business with the utility, according to the agency.
           
    DHS reported the incident, which occurred in October, along with a second involving a more sophisticated virus, on its website as cyber experts gather at a high-profile security conference in Miami known as S4 to review emerging threats against power plants, water utilities and other parts of the critical infrastructure.
           
    In addition to not identifying the plants, a DHS spokesman declined to say where they are located.
           
    Interest in the area has surged since 2010 when the Stuxnet computer virus was used to attack Iran's nuclear program. Although the United States and Israel were widely believed to be behind Stuxnet, experts believe that hackers may be copying the technology to develop their own viruses.
           
    Justin W. Clarke, a security researcher with a firm known as Cylance that helps protect utilities against cyber attacks, noted that experts believe Stuxnet was delivered to its target in Iran via a USB drive. Attackers use that technique to place malicious software on computer systems that are ``air gapped,'' or cut off from the public Internet.
           
    ``This is yet another stark reminder that even if a true 'air gap' is in place on a control network, there are still ways that malicious targeted or unintentional random infection can occur,'' he said.
           
    Aging Systems       

    Many critical infrastructure control systems run on Windows XP and Windows 2000, operating systems that were designed more than a decade ago. They have ``auto run'' features enabled by default, which makes them an easy target for infection because malicious software loads as soon as a USB is plugged into the system unless operators change that setting, Clarke said.
           
    The Department of Homeland Security's Industrial Control Systems Cyber Emergence Response Team (ICS-CERT), which helps protect critical U.S. infrastructure, described the incident in a quarterly newsletter that was accessed via its website on Wednesday.
           
    The report from ICS-CERT described a second incident in which it said it had recently sent technicians to clean up computers infected by common as well as ``sophisticated'' viruses on workstations that were critical to the operations of a power generation facility.
           
    The report did not say who the agency believed was behind the sophisticated virus or if it was capable of sabotage. DHS uses the term "sophisticated'' to describe a wide variety of malicious software that is designed to do things besides commit routine cyber crimes. They include viruses capable of espionage and sabotage.
           
    A DHS spokesman could not immediately be reached to comment on the report.
           
    The Department of Homeland Security almost never identifies critical infrastructure operators that are hit by viruses, or even their locations, but it does provide statistics.
           
    It said ICS-CERT responded to 198 cyber incidents reported by energy companies, public water districts and other infrastructure facilities in the fiscal year ending Sept. 30, 2012.
           
    Attacks against the energy sector represented 41 percent of the total number of incidents in fiscal 2012. According to the report, ICS-CERT helped 23 oil and natural gas sector organizations after they were hit by a targeted spear-phishing campaign - when emails with malicious content are specifically targeted at their employees.
           
    The water sector had the second highest number of incidents,
     representing 15 percent.

    You May Like

    South Sudan Sends First Ever Official Olympic Team to Rio

    VOA caught up with Santino Kenyi, 16, one of three athletes who will compete in this year's summer games in Brazil

    Arrest of Malawi's 'Hyena' Man Highlights Clash of Ritual, Health and Women's Rights

    Ritual practice of deflowering young girls is blamed for spreading deadly AIDS virus

    Immigrant Delegate Marvels at Democratic Process

    VOA finds things Americans take for granted are special to foreigners

    This forum has been closed.
    Comment Sorting
    Comments
         
    by: Timur Tyncherov
    January 23, 2013 9:50 AM
    Laugh and cry at the same time. Any half-competent sysadmin would not allow the auto-run feature to be enabled on the control network of a critical infrastructure facility. And any competent sysadmin would set up the access rights in a way that prevents “an employee of a third-party contractor” from running the malicious software on a critical workstation. And yes, it IS possible even on Windows XP/2000.

    by: Christopher Hobe Morrison from: Pine Bush, NY, USA
    January 16, 2013 9:39 PM
    Uhhhh, computers not connected to the internet to prevent them from being infected, and somebody inserted an infected USB into the computer?

    Didn't somebody run a check on something that was going to be used like that? Are outside people allowed to do things that might result in that sort of thing happening?

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    Immigrant Delegate Marvels at Democratic Processi
    X
    Katherine Gypson
    July 27, 2016 6:21 PM
    It’s been a bitter and divisive election season – but first time Indian-American delegate Dr. Shashi Gupta headed to the Democratic National Convention with a sense of hope. VOA’s Katherine Gypson followed this immigrant with the love of U.S. politics all the way to Philadelphia.
    Video

    Video Immigrant Delegate Marvels at Democratic Process

    It’s been a bitter and divisive election season – but first time Indian-American delegate Dr. Shashi Gupta headed to the Democratic National Convention with a sense of hope. VOA’s Katherine Gypson followed this immigrant with the love of U.S. politics all the way to Philadelphia.
    Video

    Video A Life of Fighting Back: Hillary Clinton Shatters Glass Ceiling

    Hillary Clinton made history Thursday, overcoming personal and political setbacks to become the first woman to win the presidential nomination of a major U.S. political party. If she wins in November, she will go from “first lady” to U.S. Senator from New York, to Secretary of State, to “Madam President.” Polls show Clinton is both beloved and despised. White House Correspondent Cindy Saine takes a look at the life of the woman both supporters and detractors agree is a fighter for the ages.
    Video

    Video Dutch Entrepreneurs Turn Rainwater Into Beer

    June has been recorded as one of the wettest months in more than a century in many parts of Europe. To a group of entrepreneurs in Amsterdam the rain came as a blessing, as they used the extra water to brew beer. Serginho Roosblad has more to the story.
    Video

    Video First Time Delegate’s First Day Frustrations

    With thousands of people filling the streets of Philadelphia, Pennsylvania for the 2016 Democratic National Convention, VOA’s Kane Farabaugh narrowed in on one delegate as she made her first trip to a national party convention. It was a day that was anything but routine for this United States military veteran.
    Video

    Video Commerce Thrives on US-Mexico Border

    At the Democratic Convention in Philadelphia this week, the party’s presumptive presidential nominee, Hillary Clinton, is expected to attack proposals made by her opponent, Republican presidential nominee Donald Trump, to build a wall along the U.S.-Mexico border. Last Friday, President Barack Obama hosted his Mexican counterpart, President Enrique Peña Nieto, to underscore the good relations between the two countries. VOA’s Greg Flakus reports from Tucson.
    Video

    Video Film Helps Save Ethiopian Children Thought to be Cursed

    'Omo Child' looks at effort of African man to stop killings of ‘mingi’ children
    Video

    Video London’s Financial Crown at Risk as Rivals Eye Brexit Opportunities

    By most measures, London rivals New York as the only true global financial center. But Britain’s vote to leave the European Union – so-called ‘Brexit’ – means the city could lose its right to sell services tariff-free across the bloc, risking its position as Europe’s financial headquarters. Already some banks have said they may shift operations to the mainland. Henry Ridgwell reports from London.
    Video

    Video Recycling Lifeline for Lebanon’s Last Glassblowers

    In a small Lebanese coastal town, one family is preserving a craft that stretches back millennia. The art of glass blowing was developed by Phoenicians in the region, and the Khalifehs say they are the only ones keeping the skill alive in Lebanon. But despite teaming up with an eco-entrepreneur and receiving an unexpected boost from the country’s recent trash crisis the future remains uncertain. John Owens reports from Sarafand.
    Video

    Video Migrants Continue to Risk Lives Crossing US Border from Mexico

    In his speech Thursday before the Republican National Convention, the party’s presidential candidate, Donald Trump, reiterated his proposal to build a wall along the U.S.-Mexico border if elected. Polls show a large percentage of Americans support better control of the nation's southwestern border, but as VOA’s Greg Flakus reports from the border town of Nogales in the Mexican state of Sonora, the situation faced by people trying to cross the border is already daunting.
    Video

    Video In State of Emergency, Turkey’s Erdogan Focuses on Spiritual Movement

    The state of emergency that Turkish President Recep Tayyip Erdogan has declared is giving him even more power to expand a purge that has seen an estimated 60,000 people either arrested or suspended from their jobs. VOA Europe correspondent Luis Ramirez reports from Istanbul.
    Video

    Video Calm the Waters: US Doubles Down Diplomatic Efforts in ASEAN Meetings

    The United States is redoubling diplomatic efforts and looking to upcoming regional meetings to calm the waters after an international tribunal invalidated the legal basis of Beijing's extensive claims in the South China Sea. VOA State Department correspondent Nike Ching has the story.
    Video

    Video Scientists in Poland Race to Save Honeybees

    Honeybees are in danger worldwide. Causes of what's known as colony collapse disorder range from pesticides and loss of habitat to infections. But scientists in Poland say they are on track to finding a cure for one of the diseases. VOA’s George Putic reports.

    Special Report

    Adrift The Invisible African Diaspora