USB drives responsible for infecting two US power plants with malware

By Shawn Knight · 9 replies
Jan 17, 2013
Post New Reply
  1. The latest quarterly report from the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) reveals that control systems at two different power plants in the US were found infected with malware last year. The organization didn't name which plants...

    Read more
  2. amstech

    amstech IT Overlord Posts: 1,936   +1,101

    It's not the people using the guns, its the guns fault.
    Its not the people using the flash drives, its the flash drives fault.
    Lets put more rules/laws on them, that will fix it!!

    The pussification of this country is starting to hit an all time high.
    ShadowDeath likes this.
  3. treetops

    treetops TS Evangelist Posts: 2,073   +219

    Well a simple rule of having any anti virus software as opposed to nothing would have helped.
  4. jobeard

    jobeard TS Ambassador Posts: 11,168   +986

    The USB insert / mount issue is exactly like the '80s shared floppy infection.
    This is why it is necessary to disallow AUTORUN on all mountable devices, which will give you the
    opportunity to scan the newly mounted media before launching the autorun or setup.exe.
  5. They should have been using Macs.
  6. They don't know " Autorun Eater from Old McDonald’s Farm" !!!
  7. Or any available linux OS that's what all Mac OSs' are just stolen linux OSs'
    And they are free!!!!!!!!
  8. Unix, not Linux silly. A BSD flavor built on top of a MACH kernel and POSIX compliant with a highly advanced user-friendly GUI. I chuckle at all the Windows users who think they are somehow using a more "power user" OS in Windows and that OS X is a "toy". The UNIX underlying OS X is far more hardcore and wonderfully accessible. Just start Terminal and BASH away.Disease free.
    jobeard likes this.
  9. What I have to wonder is why any critical system (security, infrastructure, etc) isn't on a close internal network without Internet access. The best trojan in the world is useless without an external network connection.

    And possibly with the USB sockets disabled/removed too.
  10. jobeard

    jobeard TS Ambassador Posts: 11,168   +986

    Managing removable media AND all of the BYOD (Bring Your Own Device; eg smartphones) to work is a major commercial issue.
    We all know just how utilitarian these are, but they all present RISK to the Infrastructure. Even Windows/7 added a feature NAP(Network Access Protection) to verify that remote devices accessing the Infrastructure are 'reasonably safe'.
    If you google for 3rd party tools which provide USB device management and control, you will see major efforts have been made to close the doors for all forms of mounted device control (ie CDs, DVDs, Thumbdrives are all mounted).

    Unix (and the Linux look alikes) have had this issue bolted down for decades with the FSTAB options of ro,noexec,nosuid,
    (read-only, no executables, no super-user-id).

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...