- V3 Apps
The US Department of Homeland Security said that it recently uncovered a malware infection at a power plant in the country.
The US Industrial Control Systems cyber emergency response team (ICS-Cert) said that the infection was linked to a compromised USB drive and included multiple malware infections.
According to the ICS-Cert report, an employee had used the USB drive for routine backup on PCs used for the plant's control systems. While the team did not go into detail on the nature of the malware found, the attacks were said to include both "common" and "sophisticated" malware samples.
"When the IT employee inserted the drive into a computer with up-to-date antivirus software, the antivirus software produced three positive hits," ICS-Cert said.
"Initial analysis caused particular concern when one sample was linked to known sophisticated malware."
While the malware was found on workstations, the report noted that no signs of infection were found on the operator stations for the control environment itself. The team said that it worked with the plant to develop and undertake cleaning procedures.
ICS-Cert noted that the nature of the plant's infrastructure made scrubbing the malware particuarly difficult.
"While the implementation of an antivirus solution presents some challenges in a control system environment, it could have been effective in identifying both the common and the sophisticated malware discovered on the USB drive and the engineering workstations," the report said.
Power plants and other utilities have emerged as top targets for infrastructure attacks. Experts have warned that the systems, which are often difficult to secure and manage, could be compromised by terrorists or hostile nations to cut critical infrastructure.
In 2009 and 2010 the Stuxnet malware used vulnerabilities in industrial controllers to carry out an attack on uranium enrichment facilities in Iran.