PDA

View Full Version : USB sticks infect two power plants with malware



Cigar
01-17-2013, 08:10 AM
A US power plant was recently hit by a virus thanks to an infected USB stick, a report from the Department of Homeland Security has revealed.

The virus, a Trojan used for identity theft, was unwittingly introduced by a technician working for a third party contractor, and kept the power plant offline for three weeks.

"When the IT employee inserted the drive into a computer with up-to-date antivirus software, the antivirus software produced three positive hits," says the DHS's Computer Emergency Readiness Team (ICS-CERT) in a report.


USB sticks are a notoriously simple way for attackers to gain entry to industrial control systems. Both the Stuxnet worm and the Flame malware, reportedly developed by the US and Israel to attack systems in Iran, relied on USB drives to gain access.

http://www.tgdaily.com/security-brief/68813-usb-sticks-infect-two-power-plants-with-malware

Peter1469
01-17-2013, 08:54 AM
This happened in the DoD back in 2007-08 and the entire government banned the use of the memory sticks. The government is just now getting around to contracting for encrypted / safe memory sticks.

Cigar
01-17-2013, 09:03 AM
This happened in the DoD back in 2007-08 and the entire government banned the use of the memory sticks. The government is just now getting around to contracting for encrypted / safe memory sticks.



I have a customer; Abbott Labs, and in their Asset Management Department, there are no Hard-Drive or External Devices connected to their employee computers, also anything sent to a printer requires a changing code to be entered.

countryboy
01-17-2013, 11:36 AM
I have a customer; Abbott Labs, and in their Asset Management Department, there are no Hard-Drive or External Devices connected to their employee computers, also anything sent to a printer requires a changing code to be entered.
Yeah right, I'm sure your "customer" would appreciate you mentioning them by name and revealing private info on a public forum. So where does the OS reside in these machines?

Cigar
01-17-2013, 11:42 AM
Yeah right, I'm sure your "customer" would appreciate you mentioning them by name and revealing private info on a public forum. So where does the OS reside in these machines?

Lots of Government entities operate in this manner ... this ain't top secrete IT shit; it basically mimics an old mainframe SOP, the STD OS is is resident with protected shared libraries.