PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

U.S. Power Plant Hit by USB-Based Malware

Chloe Albanesius
 & Chloe Albanesius Executive Editor, News

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

A U.S.-based power plant was hit with a malware attack thanks to an infected USB stick used for software updates.

The incident was revealed in a new report from the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The power plant contacted CERT after discovering a virus in a turbine control system that impacted about 10 computers on its control system network, and affected operations for about three weeks.

The USB drive in question was used to back up control system configurations. However, when the technician - who was not aware of the malware - inserted the USB stick into a computer with antivirus software, it picked up on at least three incidents of malware.

"Initial analysis caused particular concern when one sample was linked to known sophisticated malware," according to CERT, which deployed a team in October for an on-site inspection.

That team found the malware on two engineering workstations that were "critical to the operation of the control environment." Compounding the problem was the fact that there were no backups for these workstations.

"The recommended practice is to maintain a system of 'hot spares' or other effective backups for all critical systems," CERT said.

The workstations did not run anti-virus solutions due to the challenges of deploying them in a control system environment, CERT said. But anti-virus software "could have been effective in identifying both the common and the sophisticated malware discovered on the USB drive and the engineering workstations," the organization said.

CERT also recommended that USB devices be cleaned before use, or swapped out for CDs or DVDs that are only used once.

The incident is reminiscent of Stuxnet, a virus reportedly deployed by the U.S. and Israeli governments in order to slow the spread of Iran's nuclear program. The actual deployment of Stuxnet was carried out by "spies and unwitting accomplices," who physically carried thumb drives loaded with the virus into the facility, according to a 2012 New York Times report.

[Image]

About Our Expert

Chloe Albanesius

Chloe Albanesius

Executive Editor, News

My Experience

I started out covering tech policy in DC for The National Journal, where my beat included state-level tech news and all the congressional hearings and FCC meetings I could handle. I later covered Wall Street trading tech before switching gears to consumer tech. I now lead PCMag's news coverage.

My Areas of Expertise

Getting my start in DC means I still have a soft spot for tech policy; Congressional hearings can sometimes be as entertaining as a Bravo reality show, for better or worse. But PCMag is all about the technology we use every day, as well as keeping an eye out for the trends that will shape the industry in the years ahead (or flop on arrival). I've covered the rise of social media, the iOS vs. Android wars, the cord-cutting revolution that's now left us with hefty streaming bills, and the effort to stuff artificial intelligence into every product you could imagine. This job has taken me to CES in Vegas (one too many times), IFA in Berlin, and MWC in Barcelona. I also drove a Tesla 1,000 miles out west as part of our Best Mobile Networks project. Of late, my focus is on our hard-working team of reporters at PCMag, guiding and editing their robust coverage.

Read the latest from Chloe Albanesius

Read full bio