UPDATE 1-Malicious virus shuttered U.S. power plant -DHS

Comments (12)
daveca wrote:

This article is so biased and loaded with hysteria, what’s the point?

“when a technician unknowingly inserted an infected USB computer drive into the network,”

The technician did not know that he had inserted a USB stick?

When you can’t even write a coherent sentence, go back to school.

“Many critical infrastructure control systems run on Windows XP and Windows 2000, operating systems that were designed more than a decade ago. They have “auto run” features enabled by default, which makes them an easy target for infection because malicious software loads as soon as a USB is plugged into the system unless operators change that setting, Clarke said.”

Bull Bleep. Win XP has DEP to prevent that. It’s unlikely the network didn’t have virus scan etc. The author subtly changed subjects from “control system” to “windows 2K-XP”, I doubt most readers caught it or have enough computer background to notice the distinction.

It’s very dishonest or incompetent writing.

Further, it’s not evidenced, or credible, that a virus took a whole plant down for a month, especially when:

1.) there are backup controls, that should be manual
2.) no explanation of how that took the entire PLANT down
3.) no explanation of how that happened and resulted in the whole plant being down for a month, when it only takes minutes to a few hours to reload all the computers

More false reporting and hysteria:

“The report from ICS-CERT described a second incident in which it said it had recently sent technicians to clean up computers infected by common as well as “sophisticated” viruses on workstations that were critical to the operations of a power generation facility.”

Four step process, 15 minutes

1. power computers down,
2. go to manual control
3. swap with clean, sterile hard drives
4. power computers up

Sorry, too much engineering background to accept this trash.

This is all BS reporting designed to float the hysteria that the Gummit needs to control computer networks.

Jan 16, 2013 8:08pm EST
jdm15 wrote:

It’s fairly evident that the virus didn’t shut the plant down. The plant was voluntarily shut down for incident remediation after the virus was detected. It likely took three weeks to return the plant to operational status for a number of possible reasons, including 1) lack of sufficient (legacy) replacement equipment, 2) insufficient operational procedures or training in handling this type of incident, or 3) insufficient budget to enable expeditious remediation and restoration of service.

Jan 16, 2013 8:40pm EST

daveca,

“This is all BS reporting designed to float the hysteria that the Gummit needs to control computer networks.”

You make some very good, common sense points in your comment. If these USB sticks are such a big problem, why in 2013 are critical power companies allowing the use of such devices?

What is your opinion that this might be an ill-fated attempt at sabotage, corporate or national?

Also, concerning this dishonest or incompetent writing.. perhaps this journalist needs to research his or her subject matter better! Then again, I am sure a news organization like Wired would be 10X better suited for this subject matter.

Jan 16, 2013 9:13pm EST
Gnar wrote:

@daveca

First know that I agree with you that this article is making much ado about nothing, but the inaccuracies in your comments need to be addressed. I work in this industry so believe me when I say simply “swapping out the hard drives” does not fix a problem like this.

First let’s make a few assumptions since DHS won’t give away too many details. Let’s say this plant is like the most common power generation utility in the US: a combined-cycle combustion turbine. That’s a giant jet engine bolted to the ground and boot-strapped to a generator. The exhaust gasses from the turbine generate steam that runs a nearby steam turbine.

This is an extremely complex system that goes through many phases during a typical startup. Typically these sites are operated by 2-5 people, and sometimes remotely (no-one on site). The digital control system (DCS) handles a delicate balance of air, fuel, steam, speed, etc that is literally impossible to operate manually with the given staff.

Operators use what’s called a human-machine interface to send commands to the DCS. These are the computers the article refers to. Although they do run XP, 2K (and some still use NT (>

Jan 16, 2013 9:28pm EST
MeMadMax wrote:

I work on power generation equipment for a living, steam powered systems in particular (did a stint in military as well)…

You don’t want computer controls or “smart grid”.

Think about it.
These systems have worked great for a hundred years with no computers, why do it now?
Why fix it till it’s broken?
The true reason is money, control, and a gateway for the eco-weenies which in turns another gateway for the socialists/progressives/communists…

And if you think I’m BS’ing then I have no idea what an uncontrolled superheater is…(google it) =P

Jan 17, 2013 1:03am EST
guru2u wrote:

Whoever did this needs jail time. Lots of it. Nothing else will deter it.

Jan 17, 2013 9:23am EST
Overcast451 wrote:

DHS trying to derail people from the real news about their lies?

http://usnews.nbcnews.com/_news/2012/12/12/15868303-sen-menendez-employed-intern-who-was-illegal-immigrant-sex-offender-ap-reports?lite

Jan 17, 2013 10:20am EST
deowll12 wrote:

Using software in these systems that isn’t designed to do one thing and one thing only, run the system, is foolish. The next point is the software should be in rom and anyone caught sticking a USB stick into such a system should be fired. A system manager that didn’t have auto boot turned off should be fired. These people were less than incompetent! They were criminally negligent!

Jan 17, 2013 10:37am EST
CleanFun wrote:

Ya, because all identity theft trojans include code segments to attack nuclear turbines… You know, “just in case” they get the opportunity to blow a city off the planet while they’re out phishing for credit card numbers.

Almost every news story you read these days will be reported with the same level of impossibility and inaccuracy.

Jan 17, 2013 12:40pm EST
rowley wrote:

Failed, Useless Homeland Security now in charge of Obama Gun ban Decrees. Will the Janet in Janet in Obama administration screw up like Janet in Clinton administration and we end up with a Waco like disaster over gun control?

Jan 17, 2013 3:41pm EST
MikkiDean wrote:

Relax, the news is full of “news” reports that are designed for your consumption. Check ABC to find planted gun reports and electric car stories.
Check ABC and NBC for reports about the need for humanitarian immigration reform and fear driven cybercrime and Internet protection laws.
Anytime the President is signing, is due to sign, or has signed an executive order having to do with these key issues…
the media rushes to demonstrate how effective he is. Wow. What a man. I am so glad I voted for him. Then again, you see what I am.

Jan 17, 2013 5:35pm EST