Average Rating: Rate this article:

Malware Discovered at Two U.S. Power Plants By Jennifer LeClaire January 16, 2013 2:15PM     Initial reports from ICS-CERT on the infections at two U.S. power plants indicate they were likely to be widely available pieces of malware not specifically designed to target supervisory control and data acquisition (SCADA) environments, said security researcher Dave Pack. That said, he added, the malware was still disruptive.   Related Topics Malware Stuxnet ICS-CERT Enterprise Security Cybercrime USB Top Tech News Latest News Reality TV's New Stars: Small Biz Soundbars Up the Ante on TV Sound Google Glass Raises Privacy Concerns Pentagon Gives iOS 6 Security OK Should Enterprises Skip Windows 8? There has long been talk of fears of cyber criminals attacking the power grid. Well, those fears came a little closer to reality this week. The U.S. Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) reports malware infected two U.S. power stations in the fourth quarter of 2012. According to ICS-CERT, the malware was discovered when an employee asked company IT staff to inspect his USB drive after experiencing intermittent issues with the drive's operation. The employee routinely used this USB drive for backing up control systems configurations within the control environment. The Tainted USB Drive "When the IT employee inserted the drive into a computer with up-to-date antivirus software , the antivirus software produced three positive hits," the ICS-CERT said in a report. "Initial analysis caused particular concern when one sample was linked to known sophisticated malware." The conclusion: a handful of machines likely had contact with the tainted USB drive. ICS-CERT immediately examined the machines. Drive images were taken for in-depth analysis. ICS-CERT said it also performed preliminary on-site analysis of those machines and discovered signs of the sophisticated malware on two engineering workstations, both critical to the operation of the control environment. ICS-CERT blamed one of the infections on a third-party contractor who unknowingly infected systems at a power generation facility after plugging in a USB drive that was infected. That unleashed a crime-ware virus into a turbine control system that spread to about 10 other networked machines. Stuxnet-Like Attacks? Dave Pack, director of Labs for the security firm LogRhythm, told us it was too early to tell whether these were targeted Stuxnet-like attacks. Initial reports, he said, indicate they are more likely to be widely available pieces of malware not specifically designed to target supervisory control and data acquisition (SCADA) environments. That said, he added, the malware was still disruptive, in one case delaying a plant restart by approximately three weeks. "USB drives and removable media continue to be an excellent attack vector for malware," Pack said. "In cases like this, where an ICS/SCADA-like infrastructure is air gapped and removable media must be frequently used to support operations, it's important that organizations include security into their processes and procedures to ensure nothing malicious is inadvertently being introduced into the environment." In his opinion, removable media used in operations like this should be frequently scanned for malware. What's more, he offered, strict policies should be put in place and enforced to control how the media is stored and used. "Even with the best policies, procedures and preventive technologies in place, breaches will occur," Pack said. "Having continuous monitoring in place designed to detect anomalous activity indicating that a system or credentials have been compromised can mean the difference between rapid containment and remediation, or catastrophe."   Tell Us What You Think Comment: Name: NTObjectives: Posted: 2013-01-25 @ 10:59am PT Wow, Mr. Pack really summed it up in that last line. Especially at this level, continuous monitoring of web application security is imperative. Gautie: Posted: 2013-01-17 @ 6:10am PT Hmm... they should've an antivirus present on their systems... or perhaps the third-party technician had to immunize their USB. There are some good antivirus reviews & security advice on http://anti-virus-reviews.net/, should anyone be interested to tighten their security and prevent something like this to happen. Also Visit: iPad Info Center Billions of Bytes Mobile Device Now Apple Info Center TopTechWire.com Stingray Traffic Manager on Amazon Web Services - Deliver Fast, Secure, and Available Applications. Looking to combine advanced load balancing with the application delivery features on Amazon Web Services? This process will allow you to run Stingray™ software on Amazon AWS using an Amazon account of your choice. Click here to view the complete range of Riverbed Stingray products on AWS.  World Wide Web 1.   Lulzsec Hackers Sentenced to Jail 2.   Google Accused of U.K. Tax Trickery 3.   Tech, Labor Spar on Immigration 4.   Google Unveils Spotify Rival at I/O 5.   Larry Page Explains Voice Problems 3D-Printer Gun Plans Pulled Down State Department orders removal. Average Rating: Kmart's 'Ship My Pants' Ad Shocks Doody jokes never fail to raise ruckus. Average Rating: Tech, Labor Spar on Immigration Is it reform or diluting the job market? Average Rating:

Product Information and Resources for Technology You Can Use To Boost Your Business BYOD & MDM   Build a business case for a BYOD program. CRM Systems   Free Download: Understanding the Voice of the Customer   Unlock the potential in your people with Microsoft Dynamics   How Microsoft Dynamics helped mobilize retail businesses   2 million CRM success stories and counting...   Experience CRM and Business Success today with Salesforce.com.   Free Download: Understanding the Voice of the Customer   Optimize CRM with Data Quality Management. More from Trillium Cloud & Virtualization   Riverbed Stingray Traffic Manager on Amazon Web Services Contact Centers   Unlock the potential in your people with Microsoft Dynamics Customer Data   Free Download: Understanding the Voice of the Customer   See how you can benefit from Microsoft Dynamics   Free Download: Understanding the Voice of the Customer Customer Service   Improve your customer relationships with Microsoft Dynamics   2 million CRM success stories and counting...   Unlock the potential in your people with Microsoft Dynamics Data Security   Simpana® 10 software: an exponential leap forward Enterprise Hardware   The 2013 Toughpad™ tablets. Rugged, secure and built for business.   Rugged and reliable Panasonic Toughbook® mobile computers.   The best document scanner for you? Try KODAK's scanner selector   APC makes it easy for you to focus on business growth, not downtime. Enterprise I.T.   Brocade's mission: Making networks easier to deploy, manage, and scale.   11 Challenges Solved by Infrastructure for Small IT Environments Enterprise Software   Get critical data off paper and into SharePoint! Watch the video.   Simpana® 10 software: an exponential leap forward Hardware   The 2013 Toughpad™ tablets. Rugged, secure and built for business.   Rugged and reliable Panasonic Toughbook® mobile computers.   Rugged and reliable Panasonic Toughbook® mobile computers Innovation   The best document scanner for you? Try KODAK's scanner selector   Brocade's mission: Making networks easier to deploy, manage, and scale. Laptops & Tablets   Rugged and reliable Panasonic Toughbook® mobile computers. Mobile Apps   Build great mobile apps that drive engagement. Mobile Tech   Rugged and reliable Panasonic Toughbook® mobile computers Small Business   The best document scanner for you? Try KODAK's scanner selector Tech Trends   APC makes it easy for you to focus on business growth, not downtime.

Network Security Spotlight

Syrian Electronic Army Hacks Financial Times The Financial Times is the latest victim of the Syrian Electronic Army, a group that supports Syrian President Bashar al-Assad. The U.K.-based newspaper said a blog and its Twitter accounts were hacked.   Patch Tuesday Hyper Focuses on IE 8 Microsoft on Tuesday issued 10 security bulletins that fix 33 vulnerabilities. These updates include MS13-038, which will address the Internet Explorer 8 issue described in Security Advisory 2847140.   Surge of Venture Capital Buoys Tech Security Sector With companies and governments spending billions to repel cyberthreats, a surge of venture capital is pouring into companies developing cybersecurity technologies, the front line of the conflict.

Enterprise Hardware Spotlight

U.S. Defense Department Gives iOS 6 Security OK In a vote of confidence for Apple's iOS devices, the Defense Department has given the all-clear for employees to use iPads and iPhones for work. But only those running iOS 6, and only if issued by the government.   Cisco Surges After Profit Exceeds Analysts' Estimates Networking equipment giant Cisco's net income jumped 14 percent in the latest quarter as revenue at all four of its divisions rose for the first time in a year and a half, as tech spending increases.   HP and SAP Team To Advance HANA Database Technology The two tech leaders are working on a system that SAP says could fundamentally change the database market. HANA is SAP's technology that keeps data in-memory, for super fast processing.

Mobile Enterprise Spotlight

Google Glass Raises Congressional Privacy Concerns The buzz around Google Glass continues, but it's not all good. Some in Congress have questions. "We are curious whether this new technology could infringe on the privacy of average Americans," their letter to Google says.   Windows Phone Now No. 3 in Market, BlackBerry No. 4 Has Microsoft Phone moved into a coveted though distant third place for smartphone platforms behind Google's Android and Apple's iOS? A new report says yes, while BlackBerry has slipped to No. 4.   Intel Going Mobile with Its New CEO In his first speech as Intel's CEO, Brian Krzanich said he plans to focus on beefing up Intel's presence in mobility. The next step: a world tour showing mobile devices based on Intel chips, from PCs to phones and tablets.

Enterprise Technology Spotlight

HP and SAP Team To Advance HANA Database Technology The two tech leaders are working on a system that SAP says could fundamentally change the database market. HANA is SAP's technology that keeps data in-memory, for super fast processing.   Cloud Computing Gains Another Competitor with Google Amazon Web Services and Microsoft Azure now have a full-on rival in Google, with its I/O announcement that it is opening its hosted Compute Engine environment for virtual machines to all comers.   Hackers' New Tool of Choice: Smartphones Smartphones are increasingly popular not only with consumers, but with thieves who see the devices as another way to tap into bank accounts and other sensitive information, experts say.

Navigation NewsFactor Network Home/Top News | Enterprise I.T. | Cloud & Virtualization | Applications | Unified Communications | Mobile Tech | Hardware | Business Intelligence World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech Press Releases NewsFactor Network Enterprise I.T. Sites NewsFactor Technology News | Enterprise Security Today | CRM Daily NewsFactor Business and Innovation Sites Sci-Tech Today | NewsFactor Business Report NewsFactor Services FreeNewsFeed | Free Newsletters | About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise Privacy Policy | Terms of Service © Copyright 2000-2013 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.