Skip to main content

Attacks against the U.S. energy sector represented 41 per cent of the total number of cyber-security incidents in fiscal 2012, according to a recent government report.

Henrik Jonsson/iStockphoto

A computer virus attacked a turbine control system at a U.S. power company when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off line for three weeks, according to a recent U.S. government report.

The Department of Homeland Security said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident.

It was introduced by an employee of a third-party contractor that does business with the utility, according to the agency.

Story continues below advertisement

DHS reported the incident, along with a second involving a more sophisticated virus, on its website as cyber experts gather at a high-profile security conference in Miami known as S4 to review emerging threats against power plants, water utilities and other parts of the critical infrastructure.

Interest in the area has surged since 2010 when the Stuxnet computer virus was used to attack Iran's nuclear program. Although the United States and Israel were widely believed to be behind Stuxnet, experts believe that hackers may be copying the technology to develop their own viruses.

The agency's Industrial Control Systems Cyber Emergence Response Team (ICS-CERT), which helps protect critical U.S. infrastructure, said that the power plant incident occurred in October, though it described it in a quarterly newsletter that was accessed via its website on Wednesday.

That report described a second incident in which it said it had recently sent technicians to clean up computers infected by common and "sophisticated" viruses on workstations that were critical to the operations of a power generation facility.

The report did not say who the agency believed was behind the sophisticated virus or if it was capable of sabotage. A DHS spokesman could not immediately be reached for comment.

The Department of Homeland Security rarely identifies critical infrastructure operators that are hit by viruses, but it does provide statistics.

It said ICS-CERT responded to 198 cyber incidents reported by energy companies, public water districts and other infrastructure facilities in the fiscal year ending Sept. 30, 2012.

Story continues below advertisement

Attacks against the energy sector represented 41 per cent of the total number of incidents in fiscal 2012. According to the report, ICS-CERT helped 23 oil and natural gas sector organizations after they were hit by a targeted spear-phishing campaign – when e-mails with malicious content are specifically targeted at their employees.

The water sector had the second highest number of incidents, representing 15 per cent.

Report an error
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies