Malicious Virus Shuttered U.S. Power Plant -DHS
Source: Reuters
Wed Jan 16, 2013 5:53pm EST
Jan 16 (Reuters) - A computer virus attacked a turbine control system at a U.S. power company last fall when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a report posted on a U.S. government website.
The Department of Homeland Security report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident.
It was introduced by an employee of a third-party contractor that does business with the utility, according to the agency.
DHS reported the incident, which occurred in October, along with a second involving a more sophisticated virus, on its website as cyber experts gather at a high-profile security conference in Miami known as S4 to review emerging threats against power plants, water utilities and other parts of the critical infrastructure.
In addition to not identifying the plants, a DHS spokesman declined to say where they are located.
Read more: http://www.reuters.com/article/2013/01/16/cybersecurity-powerplants-idUSL1E9CGFPY20130116
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
daleo
(21,317 posts)It makes you wonder.
hobbit709
(41,694 posts)Autorun can be turned off just for starters.
Demeter
(85,373 posts)No information, no independent confirmation, just TERRA TERRA TERRA?
AdHocSolver
(2,561 posts)Several companies that allowed workstations access to the Internet, or allowed file transfers from external disks that were at some point connected to the Internet, were infected with viruses.
Some of these systems ran virus checkers. They proved to be mainly ineffective.
Any computers running critical software, like for a power station, should be on a separate network behind a secure firewall. There should be no other connection to the network except through the firewall.
What really irked me was how unconcerned the rest of the staff were about computer virus infection.
TheMadMonk
(6,187 posts)AdHocSolver
(2,561 posts)The network server is often a retired computer running an old version of the operating system such as MS Windows.
It was used previously as a workstation and may already have been infected by a virus when it was given its new set of tasks to perform.
A programmer, possibly an intern, was given the task to clean up the retired computer and get it ready for its new use.
The manager in charge of the computer group often has only a business degree, maybe one course in programming, and his expertise about computer matters rests on his firm belief that the best programmer on his staff is the fastest typist. At least, that is how he rates his programmers at evaluation time.
This manager may have a technical assistant who would not be rated exceptional in any environment.
Even where the manager is an engineer, he often has few computer skills. I worked on a project for the engineering department of a large manufacturing company and had a really tough time convincing the manager that the first two computers that he gave me were defective. It took two weeks before he provided me with a third computer that actually worked properly.
The main job of a manager in most companies is to keep costs low. Neither quality nor safety is ever an issue.
TheMadMonk
(6,187 posts)...control parameters that could easily be managed by discrete incorruptible dedicated control circuitry, instead run by systems designed to be as versatile as possible?
FFS, a turbine does not need to browse pornography, and it's operator should be wanking on his own time, not the company's.
If more complexity is needed, why not a Picaxe or Arduino style micro controler with ZERO, NO, NONE, NADA capability of remote reprogramability?