UPDATE: MALICIOUS VIRUS SHUTTERED U.S. POWER PLANT
A computer virus attacked a turbine control system at a U.S. power company last fall when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a report posted on a U.S. government website.
The Department of Homeland Security report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident.
It was introduced by an employee of a third-party contractor that does business with the utility, according to the agency.
DHS reported the incident, which occurred in October, along with a second involving a more sophisticated virus, on its website as cyber experts gather at a high-profile security conference in Miami known as S4 to review emerging threats against power plants, water utilities and other parts of the critical infrastructure.
In addition to not identifying the plants, a DHS spokesman declined to say where they are located.
Interest in the area has surged since 2010 when the Stuxnet computer virus was used to attack Iran’s nuclear program. Although the United States and Israel were widely believed to be behind Stuxnet, experts believe that hackers may be copying the technology to develop their own viruses.
In other news, Malware infects US power facilities through USB drives:
Two U.S. power companies reported infections of malware during the past three months, with the bad software apparently brought in through tainted USB drives, according to the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).
In one case, the industrial control system at a power generation facility was infected with “common and sophisticated malware” apparently through an employee’s USB drive, according to the ICS-CERT Monitor for October to December 2012.
The publication did not name the malware discovered. The tainted USB drive came in contact with a “handful of machines” at the power generation facility and investigators found sophisticated malware on two engineering workstations critical to the operation of the control environment, ICS-CERT said.
Stuxnet, is that you?
Federal regulators are examining a nuclear plant in northeastern Pennsylvania following three unexpected shutdowns.
The Nuclear Regulatory Commission sent an inspection team to the Susquehanna power plant on Monday.
The most recent shutdown occurred Dec. 19 after a valve failed to open during plant startup. Officials say that temporarily interrupted the water supply to one of the plant’s two reactors.
4 Responses to “Inspection Team Headed to Pa. Nuclear Plant”
Leave a Reply
You must be logged in to post a comment.