In its latest report, the US Department of Homeland Security's (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) reveals that, over the past three months, pieces of malware have been identified in the industrial control system environments of two power companies.
The first incident affected a power generation facility where both common and sophisticated malware was identified on a USB drive used by an employee to back up control system configurations.
Further analysis of the infection determined that two engineering workstations, both of them critical to the operation of the control environment, were infected with sophisticated malware.
A similar situation occurred in October 2012, when a power company reached out to ICS-CERT after detecting a virus infection in a turbine control system.
A total of 10 computers were found to be infected, resulting in downtime that delayed the plant restart by 3 weeks.
The malware spread through the organization’s networks via an infected USB drive used by a technician for software updates.