USB sticks infect two power plants with malware

A US power plant was recently hit by a virus thanks to an infected USB stick, a report from the Department of Homeland Security has revealed.

The virus, a Trojan used for identity theft, was unwittingly introduced by a technician working for a third party contractor, and kept the power plant offline for three weeks.

"When the IT employee inserted the drive into a computer with up-to-date antivirus software, the antivirus software produced three positive hits," says the DHS's Computer Emergency Readiness Team (ICS-CERT) in a report.

"Initial analysis caused particular concern when one sample was linked to known sophisticated malware."

The malware, it says, was found on two engineering-based workstations that are critical to the control of the power station. Neither workstation had any effective backup, it says.

And ICS-CERT says another unidentified power plant was also hit by a more sophisticated virus, again introduced on a USB stick. The infection, in a turbine control system, affected around ten computers.

"ICS-CERT continues to emphasize that owners and operators of critical infrastructure should develop and implement baseline security policies for maintaining up-to-date antivirus definitions, managing system patching, and governing the use of removable
media," says ICS-CERT.

Comments