How frightening would it be if one day, the entire North American power grid suddenly went offline? That prospect is a long ways from reality, but ever since a string of malware attacks on public utilities were discovered this past week, people have been on edge.
The malware attacked two US power companies. And it didn’t just target individual computers and look for banking information or other comparatively harmless information. Instead, the malware targeted machines that directly dealt with the “control environment” of the power generators. That sounds dangerous.
The two affected power companies were not named, and neither was the malware detected in the attack. However, the attacks reportedly took place between October and December 2012.
In order to fix the problem, the power plant had to stay offline for three weeks. But that sounds like a better solution than giving hackers access to the control environment computers that manage power generators at utility stations across America.
Malware is spreading through USB drives
Unlike most viruses – which spread through the internet – this most recent malware attack was spread through infected USB sticks. Infected USB sticks are a preferred method when attacking high-security facilities because the network is often closed off to the outside world – either through a lack of internet connectivity or through a powerful firewall.
In that case, the only way to infect a computer is to shove a USB stick into it – something that’s difficult even for powerful antivirus software to detect. Once the machine is infected, it can try to infect other machines or steal information without worrying about bypassing a powerful firewall.
According to the U.S. Department of Homeland Security, the USB drive was likely placed in the engineering computers by an “outside technician” who had recently upgraded the software on those machines.
Hackers have started targeting nuclear power plants, electrical companies, and other important parts of our world. How long will it be until one of these hackers finds a tiny hole in our defenses?