US Power Stations hit by Viruses, DoD seeks to Jump the Gap into Secure Networks
The control systems of two American power stations were infected by viruses, according to a report by the US Department of Homeland Security (ICS-CERT). Both were infected by USB drive-based viruses. Interestingly enough, this is the same way Stuxnet was allowed to infect Iran’s air-gapped secure network.
The US military is also looking at other ways to gain access to secure networks by “Jumping the Gap”.
Iran’s nuclear enrichment facilities were protected against outside attack, or so they thought, because they used a closed, or air-gapped, network. There were no physical network connections between the secured computers and the outside world. But Stuxnet, the virus that successfully attacked and hindered Iranian nuclear ambitions, infiltrated the “air gap” via USB flash drive.
As America pushes to secure its critical infrastructure and SCADA systems from outside attacks, these two unnamed power plants were both infected late last year from internal threats.
One of the viruses seemed to have been brought in via USB drive by a third-party contractor, infecting the control system with a crimeware-type virus that infected 10 networked computers.
But the second is more concerning. The virus somehow infected a maintenance worker's USB drive and two critical workstations:
“Investigators found sophisticated although unspecified malware on two engineering workstations associated with running critical applications. The subsequent cleanup operation was complicated by a lack of backups.”
Though both of these infections were via USB flash drives, which are banned in most secure facilities (?!?!?), the ability to infect closed, secured systems via alternate methods is of great interest to the military.
Recently, reps from 60 tech companies attended a government planning day hosted by the Army’s Intelligence and Information Warfare Directorate (I2WD) to discuss new methods of cyber and electronic warfare.
Included in the discussion were high-tech methods to infiltrate secure networks without being physically present, via RF and electromagnetic distortions, using ground-based and aerial units:
“Imagine being able to roll a vehicle near a facility, sit for a short period while inserting a worm, and leave without having to buy off any employee or sneak anything past an attentive guard. Better yet, a stealthy unmanned aerial vehicle could be quietly flown far above a facility to insert code even in contested airspace.”
Electronic warfare and cyber are two of the top areas of concern to the modern war fighter. “We have to understand better the electromagnetic spectrum,” said Admiral Jon Greenert, Chief of Naval Operations, “Cyber, our radar and communication, everything. If you control the electromagnetic spectrum, you control the fight.”
Imagine the possibilities of infiltrating a secured wired network by sniffing and manipulating electromagnetic waves. Next to the military’s targetable EMP beam weapon, this has to be the most fascinating cyber warfare research currently being undertaken.