Two US Power Plants Hit By Malware Attacks

Two US Power Plants Hit By Malware Attacks

It’s come to light that two US power plants were hit by malware attacks in 2012, after employees used infected USB sticks.

The US Industrial Control Systems Cyber Emergency Response Team reports that malware found its way into the plants and affected their operation. From ICS-CERT on one of the attacks:

“A third-party technician used a USB-drive to upload software updates during a scheduled outage for equipment upgrades. Unknown to the technician, the USB-drive was infected with crimeware. The infection resulted in downtime for the impacted systems and delayed the plant restart by approximately three weeks.”

That’s a pretty serious dent in the plant’s productivity, and something that authorities are rightly worried by. There are no details about the malware — how it worked or the exact effects it had — but ICS-CERT wastes no time in insisting that the security of removable media needs to be reviewed and tightened.

Reminiscent of past malware attacks in other countries, by the likes of Stuxnet, Flame and Wiper, it’s tempting to speculate that these US attacks originate from overseas. That is, of course, pure speculation — but it’s clear that security needs to be taken seriously across the US power sector and beyond. [ICS-CERT via BBC]