dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
642
share rss forum feed


Cartel
Premium
join:2006-09-13
Chilliwack, BC
kudos:2
Reviews:
·TekSavvy DSL
·Shaw
·TELUS

1 recommendation

U.S. Power Plant Hit by USB-Based Malware

A U.S.-based power plant was hit with a malware attack thanks to an infected USB stick used for software updates.

The incident was revealed in a new report from the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The power plant contacted CERT after discovering a virus in a turbine control system that impacted about 10 computers on its control system network, and affected operations for about three weeks.

The USB drive in question was used to back up control system configurations. However, when the technician - who was not aware of the malware - inserted the USB stick into a computer with antivirus software, it picked up on at least three incidents of malware.

»www.pcmag.com/article2/0,2817,2414371,00.asp

The incident is reminiscent of Stuxnet, a virus reportedly deployed by the U.S. and Israeli governments in order to slow the spread of Iran's nuclear program.



StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

3 edits

Well you can be infected with a removable drive in two three ways on a Windows based machine.

• Autorun (disable it!)

• An infected executable on the drive (A/V should catch that).

• An infected boot sector on the drive. While booting from a USB drive is possible it's probably not common in industrial applications.

I'd rather have stand-alone machines updated via a removable drive than have them all networked.

PS: Computer "oldies", like me, remember the days when viruses spread via floppies. Nothing really new here.
--
Don't feed trolls--it only makes them grow!



DrStrange
Technically feasible
Premium
join:2001-07-23
West Hartford, CT
kudos:1

Practicing safe hex makes this type of infection a longshot.

- A/V should scan all removable drives [no disabling/abort allowed].
- Autorun disabled
- Boot from USB disabled in [password protected] BIOS

You can still use a thumb drive for updates. Our A/V takes about 10 seconds to scan unless you're dumb enough to store several GB of iTunes or video on the same drive as your updates.

I guess I'm old. I have many not-so-fond memories of boot sector viruses and malicious macros on floppies that were actually floppy.


HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to Cartel

My question is what malware was found? If they don't answer, the default answer (almost) becomes
Iran's counter to Stuxnet. Let the cyberwar continue!

Regards