Cyberattackers appear to be targeting the U.S. energy infrastructure. A new report says that USB “thumb” drives spread malware to at least two different facilities.
Computerworld’s Grant Gross reported, “Two U.S. power companies reported infections of malware during the past three months, with the bad software apparently brought in through tainted USB drives, according to the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). In one case, the industrial control system at a power generation facility was infected with ‘common and sophisticated malware’ apparently through an employee’s USB drive, according to the ICS-CERT Monitor for October to December 2012.”
Ars Technica’s Dan Goodin explained, “According to one of the articles in the newsletter, one of the infections was discovered after an employee experienced problems with the USB drive and called in IT staff to troubleshoot. ‘When the IT employee inserted the drive into a computer with up-to-date antivirus software, the antivirus software produced three positive hits,’ the newsletter reported. ‘Initial analysis caused particular concern when one sample was linked to known sophisticated malware.’”
ZDNet’s Charlie Osborne added, “In the second case documented by the report, a power company reported a viral infection in a turbine control system which hampered the performance of roughly ten computers within its control network. After a third-party technician used a USB drive to upgrade software when equipment was being renewed, the malware took hold. As a result, the plant’s reopening was delayed for three weeks.”
In a separate story related to cyberattacks on the nation’s infrastructure, The Wall Street Journal’s Siobhan Gorman and Danny Yadron wrote, “Major U.S. banks are pressing for government action to block or squelch what Washington officials say is an intensifying Iranian campaign of cyberattacks against American financial institutions. Financial firms have spent millions of dollars responding to the attacks, according to bank officials, who add that they can’t be expected to fend off attacks from a foreign government. Defense officials have said Iran’s government is behind the assault. Officials from several affected banks, including PNC Financial Services Group Inc., SunTrust Banks Inc. and BB&T Corp., are urging the U.S. government to stop or mitigate the attacks, according to investigators.”