Two U.S. power plants fall victim to viruses

cybersecurity Industrial Control Systems Cyber Emergency Response Team ICS-CERT

Two unnamed U.S. power plants fell victim to a cyber attack after viruses and malware were found on computers in the plants. Both incidents were reported in a newsletter from the U.S. Industrial Control Systems Cyber Emergency Response Team, a section of the U.S. Department of Homeland Security.

The first incident was discovered when an employee was having trouble with his USB drive and asked an IT person to take a look. The IT workers inserted the drive into a computer with up-to-date antivirus software and the software made three positive hits, two for common malware and one for a sophisticated virus.

Several more computers were inspected, and two came up positive for the sophisticated malware. The two computers had no backup, and a failed cleanup would have impaired their operations, the newsletter said.

The report did not say if the computers did or did not have up-to-date antivirus software, but it did say that current software would have found the malware.

“While the implementation of an antivirus solution presents some challenges in a control system environment, it could have been effective in identifying both the common and the sophisticated malware discovered on the USB drive and the engineering workstations,” the newsletter said.

In early October 2012, another power company reported ten computers that were infected with a virus after a worker unknowingly used an infected USB drive to upload software updates during a scheduled outage for equipment upgrades. The computers were part of the plant’s turbine control system, and the infection delayed the restart of the plant by three weeks.

ICS-CERT says plant owners and operators should “develop and implement baseline security policies for maintaining up-to-date antivirus definitions.”

Read more safety and protection news

Did You Like this Article? Get All the Energy Industry News Delivered to Your Inbox

Subscribe to an email newsletter today at no cost and receive the latest news and information.

 Subscribe Now


Maximizing Operational Excellence

In a recent survey conducted by PennEnergy Research, 70% of surveyed energy industry professional...

Leveraging the Power of Information in the Energy Industry

Information Governance is about more than compliance. It’s about using your information to drive ...

Reduce Engineering Project Complexity

Engineering document management presents unique and complex challenges. A solution based in Enter...

Revolutionizing Asset Management in the Electric Power Industry

With the arrival of the Industrial Internet of Things, data is growing and becoming more accessib...