Malicious virus shuttered U.S. power plant

Professional Engineer & PE Exam Forum


Capt Worley PE

First I heard of this. Sounds like they are keeping the cards close on this one.

http://www.reuters.com/article/2013/01/16/cybersecurity-powerplants-idUSL1E9CGFPY20130116

Jan 16 (Reuters) - A computer virus attacked a turbine control system at a U.S. power company last fall when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a report posted on a U.S. government website.

The Department of Homeland Security report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident.

It was introduced by an employee of a third-party contractor that does business with the utility, according to the agency.

DHS reported the incident, which occurred in October, along with a second involving a more sophisticated virus, on its website as cyber experts gather at a high-profile security conference in Miami known as S4 to review emerging threats against power plants, water utilities and other parts of the critical infrastructure.

In addition to not identifying the plants, a DHS spokesman declined to say where they are located.
Not good at all.

 
Off-line isn't as scary as on-line with an agenda. Actually SCADA security is huge these days as people are finding that much of the hardware and software isn't that secure. Most SCADA systems use security by isolation but ignore the whole fact that USB drives are a staple that will bridge the system to the outside world. I've heard plenty of stories of integrators inadvertently infecting customer sites but usually it's just a run of the mill virus. Ever since the Stuxnet virus though the controls industry has had to take a harder look at their security. Counting on a system being an island and ignorance of PLC platforms isn't going to keep sites safe any longer.

 
Excellent points Niki. I work for a utility and we count on the air-gap as a major part of our SCADA security, but having the ability to bridge that gap with an unintentional USB infection could be disastrous to our system...

 
Just curious, what are you afraid of them doing online with an agenda? According to the report the virus was in the turbine control system. . .at worst I can see the turbine control system being disabled could cause a catastrophic failure of the turbine--which could cause a lot of damage and loss of life, but it should be contained to the local area of the plant.

Now, if they're able to take over several plants at once--that could cause widespread problems.

 
I think what she is saying is if they could implant the virus in several plants and/or SCADA systems and have a timed event, say March 15th 12 noon CST (et tu brutus), and have all the viruses attack at this given time, it could bring down the grid...

 
I was speaking more the general idea of an attack to any SCADA system. There is the example Judowolf used. In other industries, such as the water/wastewater industry that I work in, there could be huge environmental and public health concerns. If, as they did with Stuxnet, the virus has the PLC behave in one manner while feeding false data back to the HMI, the system could be kept online while doing harm.

 
Yes, I would think a realistic fear is a virus that's coordinated against the means of production. IMHO, Katrina and Sandy demonstrate that even wide area damage doesn't necessarily initiate the Zombie Apocalypse. The utilities can pull together and get stuff put back together relatively quickly in most cases (a few weeks). But if there's nothing to connect to...??? That could be a problem.

Just "could" be though - I'm cautiously optimistic that it would be fine; no Z/A either way. Humans survived for 10,000 years prior to the invention of electricity, so we might just make it.

Conspiracy Theory for Today: Do you think we're getting the full story on Crystal River? Wait a sec, a black van just pulled in my driveway - be right back.

 
Once the grid goes down, it's not as easy as flipping a switch to bring it back up...if the whole national grid went down, it would be a nightmare. True, we have lived without electricity for all but the past 100 or so years, but people would flip out!

What happened in Crystal River...guess I'm behind

 
Well, in August 2003 half the Eastern Interconnection went down and we managed to get it back in three days, including minor damage at several generating plants.

I can't take too much credit for it though since the outage stopped at my employer's border. I.e. we stopped the blackout, lol :)

 
Once the grid goes down, it's not as easy as flipping a switch to bring it back up...if the whole national grid went down, it would be a nightmare. True, we have lived without electricity for all but the past 100 or so years, but people would flip out! What happened in Crystal River...guess I'm behind


The last I heard they're having problems with concrete in their containment structure. Duke hasn't announced a decision yet as to whether they will repair or retire the plant.

 
Mud, you're right, I had to do a big powerpoint presentation on the blackout of 2003 and go around and present it to local civic groups explaining what happened and what steps we could take to prevent it from happening here...

 
Now that NERC rode to the rescue it would probably take longer due to all the paperwork.

 
I heard about that and what I was working attune device employer Rutgers a verboten something about USB drives and sich

 
Once the grid goes down, it's not as easy as flipping a switch to bring it back up...if the whole national grid went down, it would be a nightmare. True, we have lived without electricity for all but the past 100 or so years, but people would flip out! What happened in Crystal River...guess I'm behind


The last I heard they're having problems with concrete in their containment structure. Duke hasn't announced a decision yet as to whether they will repair or retire the plant.
They've actually had quite a few structural issues not just in the containment building. Most of their spectra responses we see for the crane specs are always changing. Word has it they cut a number of corners a while back with their licensing and now it is coming back to bite them.

 
I don't know if I would say they cut corners in licensing. Crystal River was licensed back when nuclear power was supposed to be "Too Cheap to Meter". Times and standards have evolved a bit in the intervening years.

 