Report: U.S. Power Utilities Infected by Malware from USB Drives

ICS-CERT is recommending that utilities take stronger precautions related to thumb drives.



Cyberattackers appear to be targeting the U.S. energy infrastructure. A new report says that USB "thumb" drives spread malware to at least two different facilities.

Computerworld's Grant Gross reported, "Two U.S. power companies reported infections of malware during the past three months, with the bad software apparently brought in through tainted USB drives, according to the U.S. Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). In one case, the industrial control system at a power generation facility was infected with 'common and sophisticated malware' apparently through an employee's USB drive, according to the ICS-CERT Monitor for October to December 2012."

Ars Technica's Dan Goodin explained, "According to one of the articles in the newsletter, one of the infections was discovered after an employee experienced problems with the USB drive and called in IT staff to troubleshoot. 'When the IT employee inserted the drive into a computer with up-to-date antivirus software, the antivirus software produced three positive hits,' the newsletter reported. 'Initial analysis caused particular concern when one sample was linked to known sophisticated malware.'"

ZDNet's Charlie Osborne added, "In the second case documented by the report, a power company reported a viral infection in a turbine control system which hampered the performance of roughly ten computers within its control network. After a third-party technician used a USB drive to upgrade software when equipment was being renewed, the malware took hold. As a result, the plant's reopening was delayed for three weeks."

In a separate story related to cyberattacks on the nation's infrastructure, The Wall Street Journal's Siobhan Gorman and Danny Yadron wrote, "Major U.S. banks are pressing for government action to block or squelch what Washington officials say is an intensifying Iranian campaign of cyberattacks against American financial institutions. Financial firms have spent millions of dollars responding to the attacks, according to bank officials, who add that they can't be expected to fend off attacks from a foreign government. Defense officials have said Iran's government is behind the assault. Officials from several affected banks, including PNC Financial Services Group Inc., SunTrust Banks Inc. and BB&T Corp., are urging the U.S. government to stop or mitigate the attacks, according to investigators."

Tags: infrastructure, malware, cyberattack, USB drive, energy, banks
