USB Storage Drive Loaded With Malware Shuts Down Power Plant

Found on eWEEK on Thursday, 17 January 2013

The U.S. Computer Emergency Readiness Team reports that a U.S.-based power generating facility was shut down after a contract employee introduced malware into the turbine control systems and into engineering workstations. The contractor routinely used his USB drive to perform updates on control systems as well as workstations in the power plant.

The Monitor report described the incident, saying that when the USB memory drive began to exhibit performance issues, the contractor asked the facility IT staff to check it. The check revealed two different types of malware; one type was designed to perform identity theft, and the other a type of sophisticated type of malware that ICS-CERT did not identify.

There are times when you think that critical systems have a few extra layers of security. There are also times when your assumptions are completely wrong.

Browse all articles« Previous « » Next »