Malware Kept US Power Plant Offline For 3 Weeks

The US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has revealed that last year, “sophisticated” malware was discovered at two power plants in the US, and kept one of them out of commission for three weeks.

Just like with Stuxnet and uranium enrichment centrifuges in 2010, the computer systems were infected through a USB drive used by an unsuspecting engineer.

The information was published in the ‘ICS-CERT Monitor’ quarterly newsletter. In it, the organisation stated that it expects the number of attacks of this type to increase.

Malware goes physical

The ICS-CERT is part of the US Department of Homeland Security, and deals with emergencies related to computer systems that monitor and manage industrial processes in the physical world. This is an increasingly important task, since a software error or hacker attack on ICS could stop factories and leave hospitals without electricity.

Securing ICS is more difficult than taking care of regular computers, because these systems have to remain operational at all times, and the periods between software updates can be very long.

In late 2012, ICS-CERT was called in to inspect a USB drive that was used to back up control system configurations at an unnamed “power generation facility”. After a quick analysis, security experts discovered that the drive was infected by not one, but three different types of malware, including some “sophisticated” strains.

ICS-CERT examined every machine that came in contact with the USB drive, and found signs of malware on two engineering workstations, both “critical to the operation of the control environment”. The situation was made worse by the fact that these workstations had no backups, so in case removal of malware went wrong, the operations of the whole facility would be significantly impaired.

“The cleaning procedures were developed in close coordination with the organization’s control system vendor to ensure that it would not adversely impact the workstations,” wrote ICS-CERT.

A similar situation occurred at an “electric utility” plant, where ten computers of the turbine control system were also infected through a USB drive during a scheduled outage. The infection caused downtime for some systems, and kept the whole plant on standby for three weeks.

“ICS-CERT continues to emphasize that owners and operators of critical infrastructure should develop and implement baseline security policies for maintaining up-to-date antivirus definitions, managing system patching, and governing the use of removable media,” reminded the organisation.

Last year, Eugene Kaspersky warned that the future could involve “mass cyber-attacks on things like nuclear power stations, energy supply and transportation control facilities, financial and telecommunications systems”.

Kaspersky announced that his company is working on a secure, highly specialised OS that could integrate into existing ICS infrastructure and would be unable to carry out any undeclared activity by design.

Do you know your USB? Take our quiz!

Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago