A USB drive which had malware installed on it was responsible for infecting a U.S. power plant turbine control system in early October. The malicious software managed to delay the restart by three weeks, according to the Homeland Security Department.
Another plant was checked and found to have ‘common and sophisticated malware’ installed on several workstations, including two that were critical to the operation of the plant. No details were given as to whether the infection game from governments or individuals, according to usatoday.
The October infection may have been caused by an outside technician who used a USB drive to upload software updates while the plant was shut down for equipment upgrades. The malicious code then infected 10 machines, causing the problems.
A quarterly report was issued which showed that the power plant antivirus software and security measures were not up to date.
ICS-CERT reported “ICS-CERT’s onsite discussions with company personnel revealed a handful of machines that likely had contact with the tainted USB drive. These machines were examined immediately and drive images were taken for in-depth analysis. ICS-CERT also performed preliminary onsite analysis of those machines and discovered signs of the sophisticated malware on two engineering workstations, both critical to the operation of the control environment. Detailed analysis was conducted as these workstations had no backups, and an ineffective or failed cleanup would have significantly impaired their operations.”
Kitguru says: Malware is everywhere, this situation reiterates the need for up to date protection software.