All the latest UK technology news, reviews and analysis


USB malware discovered at US power plant

17 Jan 2013
Power plant

The US Department of Homeland Security said that it recently uncovered a malware infection at a power plant in the country.

The US Industrial Control Systems cyber emergency response team (ICS-Cert) said that the infection was linked to a compromised USB drive and included multiple malware infections.

According to the ICS-Cert report, an employee had used the USB drive for routine backup on PCs used for the plant's control systems. While the team did not go into detail on the nature of the malware found, the attacks were said to include both "common" and "sophisticated" malware samples.

"When the IT employee inserted the drive into a computer with up-to-date antivirus software, the antivirus software produced three positive hits," ICS-Cert said.

"Initial analysis caused particular concern when one sample was linked to known sophisticated malware."

While the malware was found on workstations, the report noted that no signs of infection were found on the operator stations for the control environment itself. The team said that it worked with the plant to develop and undertake cleaning procedures.

ICS-Cert noted that the nature of the plant's infrastructure made scrubbing the malware particuarly difficult.

"While the implementation of an antivirus solution presents some challenges in a control system environment, it could have been effective in identifying both the common and the sophisticated malware discovered on the USB drive and the engineering workstations," the report said.

Power plants and other utilities have emerged as top targets for infrastructure attacks. Experts have warned that the systems, which are often difficult to secure and manage, could be compromised by terrorists or hostile nations to cut critical infrastructure.

In 2009 and 2010 the Stuxnet malware used vulnerabilities in industrial controllers to carry out an attack on uranium enrichment facilities in Iran.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols
About

Shaun Nichols is the US correspondent for V3.co.uk. He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus
Poll

Windows 7 end of mainstream support

What are your plans for when Microsoft ends mainstream support for Windows 7 in January 2015?
11%
5%
0%
70%
14%

Popular Threads

Powered by Disqus
LG G3 in gold black and white

LG G3 vs Galaxy S5 video

We pit the two Korean firms' flagship smartphones against each other

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

SAP Test Manager/Lead SD & WHM

We have 2 roles for SAP Testing with WHM (Warehouse...

System Support Officer

South Somerset District Council The Council Offices...

IT Infrastructure Manager (MCSE)

Are you trained to MCSE level or equivalent with management...

Senior Consultant - Controls Assurance

Introduction Governance Risk & Control £47,669...
To send to more than one email address, simply separate each address with a comma.