January 17, 2013

US power plants hit by malware through USB drives

The malware reached each power plant's systems after being unknowingly carried in on a USB drive.

By CBR Staff Writer

Two power plants in the US were infected with malware through USB drives during the past three months, according to the US security authority.

The US Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) reported that the industrial control system at one of the power generation facilities was inadvertently infected with ‘common and sophisticated’ malware from an employee’s USB stick.

The agency said in a report that the employee routinely used this USB drive for backing up control systems configurations within the control environment.

"When the IT employee inserted the drive into a computer with up-to-date antivirus software, the antivirus software produced three positive hits. Initial analysis caused particular concern when one sample was linked to known sophisticated malware," the report added.

"Following analysis and at the request of the customer, an onsite team was deployed to their facility where the infection occurred."

In the second case, a power facility reported a virus infection in a turbine control system, which infected computers in October 2012.

A third-party technician had used a USB stick to upload software updates during a planned outage for equipment upgrades.

"Unknown to the technician, the USB-drive was infected with crimeware," the report said.

"The infection resulted in downtime for the impacted systems and delayed the plant restart by approximately three weeks."

ICS-CERT advised the owners and operators of critical infrastructure to develop and implement baseline security policies for maintaining up-to-date antivirus definitions, managing system patching, and governing the use of removable media.

"Such practices will mitigate many issues that could lead to extended system downtimes," ICS-CERT said.
