Malware em centrais eléctricas


Critical control systems inside two US power generation facilities were found infected with computer malware, according to the US Industrial Control Systems Cyber Emergency Response Team.

Both infections were spread by USB drives that were plugged into critical systems used to control power generation equipment, according to the organization's newsletter for October, November, and December of 2012. The authors didn't identify the owners of the facilities and there's no indication the infections resulted in injuries or equipment failures.

The incidents were reported earlier by Threat Post, and they are the latest to underscore the vulnerabilities posed by so-called supervisory control and data acquisition systems that aren't properly secured. SCADA and industrial control systems use computers to flip switches, turn dials, and manipulate other controls inside dams, power-generation plants, and other critical infrastructure. Computer malware that infects those systems can pose a threat by giving remote attackers the ability to sabotage sensitive equipment. Last year, a backdoor in a widely used piece of industrial software allowed hackers to illegally access a New Jersey company's internal heating and air-conditioning system.

(...)

The other infection affected 10 computers in a turbine control system. It was also spread by a USB drive and "resulted in downtime for the impacted systems and delayed the plant restart by approximately three weeks," the article stated. It went on to encourage owners and operators of critical infrastructure to "develop and implement baseline security policies for maintaining up-to-date antivirus definitions, managing system patching, and governing the use of removable media."

Artigo completo na ArsTechnica
Newsletter ICS-CERT Monitor Out-Dec 2012