BOSTON, Jan 16 - A computer virus attacked a
turbine control system at a U.S. power company when a technician
unknowingly inserted an infected USB computer drive into the
network, keeping a plant off line for three weeks, according to
a recent U.S. government report.
The Department of Homeland Security said criminal software,
which is used to conduct financial crimes such as identity
theft, was behind the incident.
It was introduced by an employee of a third-party contractor
that does business with the utility, according to the agency.
DHS reported the incident, along with a second involving a
more sophisticated virus, on its website as cyber experts gather
at a high-profile security conference in Miami known as S4 to
review emerging threats against power plants, water utilities
and other parts of the critical infrastructure.
Interest in the area has surged since 2010 when the Stuxnet
computer virus was used to attack Iran's nuclear program.
Although the United States and Israel were widely believed to be
behind Stuxnet, experts believe that hackers may be copying the
technology to develop their own viruses.
The agency's Industrial Control Systems Cyber Emergency
Response Team (ICS-CERT), which helps protect critical U.S.
infrastructure, said that the power plant incident occurred in
October, though it described it in a quarterly newsletter that
was accessed via its website on Wednesday.
That report described a second incident in which it said it
had recently sent technicians to clean up computers infected by
common and "sophisticated" viruses on workstations that were
critical to the operations of a power generation facility.
The report did not say who the agency believed was behind
the sophisticated virus or if it was capable of sabotage. A DHS
spokesman could not immediately be reached for comment.
The Department of Homeland Security rarely identifies
critical infrastructure operators that are hit by viruses, but
it does provide statistics.
It said ICS-CERT responded to 198 cyber incidents reported
by energy companies, public water districts and other
infrastructure facilities in the fiscal year ending Sept. 30,
Attacks against the energy sector represented 41 percent of
the total number of incidents in fiscal 2012. According to the
report, ICS-CERT helped 23 oil and natural gas sector
organizations after they were hit by a targeted spear-phishing
campaign - when emails with malicious content are specifically
targeted at their employees.
The water sector had the second-highest number of incidents,
representing 15 percent.