• 1 hour Canadia Ltd. Returns To Sudan For First Time Since Oil Price Crash
  • 3 hours Syrian Rebel Group Takes Over Oil Field From IS
  • 3 days PDVSA Booted From Caribbean Terminal Over Unpaid Bills
  • 3 days Russia Warns Ukraine Against Recovering Oil Off The Coast Of Crimea
  • 3 days Syrian Rebels Relinquish Control Of Major Gas Field
  • 3 days Schlumberger Warns Of Moderating Investment In North America
  • 3 days Oil Prices Set For Weekly Loss As Profit Taking Trumps Mideast Tensions
  • 3 days Energy Regulators Look To Guard Grid From Cyberattacks
  • 3 days Mexico Says OPEC Has Not Approached It For Deal Extension
  • 3 days New Video Game Targets Oil Infrastructure
  • 3 days Shell Restarts Bonny Light Exports
  • 3 days Russia’s Rosneft To Take Majority In Kurdish Oil Pipeline
  • 3 days Iraq Struggles To Replace Damaged Kirkuk Equipment As Output Falls
  • 4 days British Utility Companies Brace For Major Reforms
  • 4 days Montenegro A ‘Sweet Spot’ Of Untapped Oil, Gas In The Adriatic
  • 4 days Rosneft CEO: Rising U.S. Shale A Downside Risk To Oil Prices
  • 4 days Brazil Could Invite More Bids For Unsold Pre-Salt Oil Blocks
  • 4 days OPEC/Non-OPEC Seek Consensus On Deal Before Nov Summit
  • 4 days London Stock Exchange Boss Defends Push To Win Aramco IPO
  • 4 days Rosneft Signs $400M Deal With Kurdistan
  • 4 days Kinder Morgan Warns About Trans Mountain Delays
  • 4 days India, China, U.S., Complain Of Venezuelan Crude Oil Quality Issues
  • 5 days Kurdish Kirkuk-Ceyhan Crude Oil Flows Plunge To 225,000 Bpd
  • 5 days Russia, Saudis Team Up To Boost Fracking Tech
  • 5 days Conflicting News Spurs Doubt On Aramco IPO
  • 5 days Exxon Starts Production At New Refinery In Texas
  • 5 days Iraq Asks BP To Redevelop Kirkuk Oil Fields
  • 6 days Oil Prices Rise After U.S. API Reports Strong Crude Inventory Draw
  • 6 days Oil Gains Spur Growth In Canada’s Oil Cities
  • 6 days China To Take 5% Of Rosneft’s Output In New Deal
  • 6 days UAE Oil Giant Seeks Partnership For Possible IPO
  • 6 days Planting Trees Could Cut Emissions As Much As Quitting Oil
  • 6 days VW Fails To Secure Critical Commodity For EVs
  • 6 days Enbridge Pipeline Expansion Finally Approved
  • 6 days Iraqi Forces Seize Control Of North Oil Co Fields In Kirkuk
  • 6 days OPEC Oil Deal Compliance Falls To 86%
  • 7 days U.S. Oil Production To Increase in November As Rig Count Falls
  • 7 days Gazprom Neft Unhappy With OPEC-Russia Production Cut Deal
  • 7 days Disputed Venezuelan Vote Could Lead To More Sanctions, Clashes
  • 7 days EU Urges U.S. Congress To Protect Iran Nuclear Deal
Alt Text

With A World Awash In Oil, Kazakhstan Faces Fuel Crisis

Kazakhstan is struggling with a…

Alt Text

300,000 Bpd Offline As Kurdistan Conflict Continues

The ongoing conflict in Iraqi…

Alt Text

Oil Prices Rise Amid Falling U.S. Rig Count

Oil prices inched higher on…

John Daly

John Daly

Dr. John C.K. Daly is the chief analyst for Oilprice.com, Dr. Daly received his Ph.D. in 1986 from the School of Slavonic and East European…

More Info

Malicious Software Threatens U.S. Power Plants

Malicious Software Threatens U.S. Power Plants

In America’s energy industry, batted by last year’s Hurricane Sandy, can be added a new threat – computer malware, an ominous portent for the U.S. power grid.

Apparently, in October 2012 a computer malware virus invaded a turbine control system at a U.S. power plant, when a technician “unknowingly” inserted an infected USB computer drive into the network, keeping a plant off line for three weeks according to a Voice of America report.

The ever vigilant Department of Homeland Security, while reporting the incident, did not identify the plant or the perpetrator, but did inform the U.S. taxpayers that the malware was apparently generated by “criminal software,” which has been previously used to perpetrate financial crimes, including as identity theft, adding that the software was introduced into the facility’s operating software by an employee of a third-party contractor that conducts business with the unnamed utility.
      
The DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) reported the incident, which occurred in October 2012, along with a second “event” involving a more sophisticated malware software virus. In addition to not identifying the plants involved, a DHS spokesman declined to say where they are located.

Relevant Article: Rail and Pipelines Merge in Oil Transit Bonanza

The problem may well prove to be the tip of the iceberg, depending on who is behind the attacks, as many U.S. power plants essential infrastructure control systems run Windows XP and the much more elderly Windows 2000, the latter an operating system designed more than a decade ago, which has been notorious for its “bugs” and numerous hastily issued software “patches.” The more elderly Microsoft software programs include “auto run” features which operate by default, making them a prime hacker target because malware can be loaded as soon as a USB is plugged into the system unless operators change the system’s settings.

And, despite the billions of dollars poured into the Department of Homeland Security since 9-11, the malware was discovered according to the “ICS-CERT Monthly Monitor October/November/December 2012” “when an employee asked company IT staff to inspect his USB drive after experiencing intermittent issues with the drive’s operation. The employee routinely used this USB drive for backing up systems configurations within the control environment. When the IT employee inserted the drive into a computer with up-to-date antivirus software, the antivirus software produced three positive hits. Initial analysis caused particular concern when one sample was linked to known sophisticated malware. Following analysis and at the request of the customer, an onsite team was deployed to their facility where the infection occurred.”

Relevant Article: Strategies to Bring Reliable Electricity to India

For better or worse, malware targeting power plants seems to be a growth area of the 21st century malcontents, whether private or governmental. Since the 2010 emergence of the Stuxnet malware computer virus, used to infiltrate Iran's civilian nuclear program, apparently designed to target Iranian uranium centrifuges separating out uranium isotopes, malware Internet computer viruses targeting energy facilities have slowly emerged into the world media. Evidence has mounted that the United States and Israel were primarily responsible for Stuxnet. Adding to global anxieties, programming experts believe that hackers may now be copying the covert anarchic technology to develop their own viruses.

How serious a problem might hacking attacks against U.S. power plants become?

According to ICS-CERT, the agency responded to 198 cyber incidents reported by energy companies, public water districts and other infrastructure facilities in the fiscal year ending 30 Sept. 2012 and attacks against the energy sector represented 41 percent of the total number of incidents in fiscal 2012.

Something to think about the next time your lights flicker.

By. John C.K. Daly of Oilprice.com




Back to homepage


Leave a comment
  • David B. Benson on January 20 2013 said:
    Then stop using 'Windows' for those applications.
  • Tuna on January 22 2013 said:
    They should hire Iran to solve this problem on account of their expertise.

Leave a comment




Oilprice - The No. 1 Source for Oil & Energy News