Two U.S. Power Plants Infected With USB Malware Last Year
January 17, 2013 3:01 PM
comment(s) - last by
Origin of the attacks was not revealed
Illustrating why it might be a good idea to
ban external media
particularly in high-security environments
, the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) -- a sub-agency of the U.S. Department of Homeland Security (DHS) -- released a newsletter this week revealing that two power plants in the U.S. suffered malware infections last year thanks to infected thumb drives.
ICS-CERT officials write:
[In the first incident] the malware was discovered when an employee asked company IT staff to inspect his USB drive after experiencing intermittent issues with the drive's operation. The employee routinely used this USB drive for backing up control systems configurations within the control environment.
[During the second incident] a third-party technician used a USB-drive to upload software updates during a scheduled outage for equipment upgrades.
Unknown to the technician, the USB-drive was infected with crimeware.
The infection resulted in downtime for the impacted systems and delayed the plant restart by approximately three weeks.
Most power providers in the U.S. are privately owned, thus the government
does not have the ability to order them what to do
security wise. But in its newsletter it firmly suggests adopting stricter restrictions on external media, commenting, "Such practices will mitigate many issues that could lead to extended system downtime."
A pair of breaches at U.S. power plants in 2012 via USB sticks, highlight the growing danger to the U.S. power grid. [Image Source: Reuters]
The U.S. federal government knows a think or two about the dangers of external media and writeable media. In 2008, the Pentagon suffered a major cyberattack that
originated from a single USB stick
plugged into a secured system. The malware, believed to have originated in Russia, quickly spread, compromising systems.
And in perhaps the most severe data loss incident in U.S. history, U.S. SPC Bradley Manning, a low-ranking U.S. Army Officer downloaded hundreds of thousands of classified documents and burned them to a CD-RW. He then allegedly
passed the documents to
, a site that has fixated on publishing supposedly "incriminating" material on the U.S. government.
The recent report on the power plant hacks did not mention where the malware appeared to originate from or the extent of the compromise. The specific malware used in each intrusion was also not revealed.
Chinese university researchers have published information suggesting an attack scheme in which malware is planted on power plant systems, only to be activated at a later date
causing catastrophic failures of the power grid
, crippling the nation a war scenario. In 2011 there was an alleged security breach
at a wind power facility
in the U.S., but that was believed to be the work of a disgruntled employee.
This article is over a month old, voting and posting comments is disabled
RE: You cannot have it both ways
1/18/2013 1:59:06 AM
Battlestar Galactica policy: no computers are networked.
1) Many individual computers must be used to carry out a particular job.
2) Humans have full control at all times.
3) The inherant checks and balances would require all humans to be involved in a complete failure of the system the individual computers control.
Result: Virtually impossible for computer infections or malfunctions to bring down the system they control.
Considering the state of our foreign affairs, I don't think it is wise at this point in time to add information technology our power plants. Update them, yes. Make them more efficient and modern, yes. Put them on a network or God forbid, the Internet, HELL NO.
Why do any computers in a power plant that control any critical systems have active USB ports anyway!?
RE: You cannot have it both ways
1/18/2013 12:34:31 PM
The solution is to not allow external media into the internal machines and enable only outbound communication to the outside.
For outbound communications they need to setup a physical one-way optical connection from the internal systems to the external systems. The outbound optical connection is send only, enforced in hardware with an optical sender and no receiver, so it's not possible to receive anything on it.
This way the internal systems can report their status for external monitoring but they cannot receive any external data through the network.
Many nuclear power plants have this setup with network protocols designed for the one-way communication.
"We shipped it on Saturday. Then on Sunday, we rested." -- Steve Jobs on the iPad launch
6 Common-Sense Security Measures Every Business Should Adopt
December 27, 2012, 8:45 AM
U.S., Britain Doing Little to Protect Power, Gas, Water From Cyberattacks
April 19, 2011, 9:28 AM
Anonymous Hacker Threatens System Security Breach at U.S. Wind Facility
April 19, 2011, 8:36 AM
Whitelisting: Ban Those "Naughty" Devices and Beef up Security
December 14, 2010, 12:17 PM
USB Stick Led to Worst Cyber Attack on U.S. Military; Russia Suspected
August 26, 2010, 9:57 AM
Researchers Hope to Find "Exotic" Lifeforms Inside Crater of Dinosaur Killing Meteor
April 14, 2015, 8:47 PM
Mathematician's Sociological Formulation May Explain the "Hipster Paradox"
April 14, 2015, 1:13 PM
Cool Science Video: This is What a McDonald's Burger Looks Like in Your Stomach
April 7, 2015, 1:43 PM
Fraud Artist Engineered Stunning UK Jailbreak Via Typosquatting, Email
April 4, 2015, 2:57 PM
Food Chemists at Italy's Barilla Claim to Have Perfect Instant Noodles w/out Frying
March 26, 2015, 4:25 PM
Half a Billion Dollars of U.S. Weaponry May be Lost to al-Qaeda, Rebels in Yemen
March 23, 2015, 2:12 PM
Most Popular Articles
Windows 10 Build 10056 -- What's New in the Latest Leak
April 13, 2015, 10:38 PM
TSMC Hypes Its Upcoming 10 nm Process, Amid Struggles to Hit Volume at 16 nm
April 10, 2015, 7:57 PM
In California Hippies, Religious Right Find Common Enemy in Vaccine Science
April 9, 2015, 4:42 PM
Death and Dragons -- Report Claims Game of Thrones Hit by Piracy "Tidal Wave"
April 10, 2015, 8:37 AM
Sharp Unveils World's First "4K" Phone Display at Mind-Boggling 806 PPI
April 13, 2015, 11:24 AM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information