Power Plant Off-Line Three Weeks Due to Malware

Jan. 24, 2013
I just got off the phone with Joe Weiss, noted control system cybersecurity consultant. He was filled with information, as always.

What do you think it would take to keep a power plant shut down for three weeks? Or even what the cost would be to take a power plant offline for that long? I'm thinking a crisis in the control system for the first answer, and more than a million dollars for the second.

Well, Weiss noted that ICS-CERT disclosed that a power plant was shut down for that long because of financial malware found on the control system network. That malware was apparently generated by "criminal software," which had been previously used to perpetrate financial crimes. Seems that a technician "unknowingly" inserted an infected USB computer drive into the network.

The IT department has a zero-tolerance policy for such malware and shut down the control system. Such industrial control system security authorities as ISA99 have been building a best practices around risk analysis and risk management. Such an analysis would have said that since the financial malware could not affect the control system and that the control system could easily be taken off the network, that it was a waste to shut down the plant.

His analysis:
- Control systems were designed to operate automatically independent of the network. In fact, a control system can continue to operate even with the network shut down.
- Many critical infrastructure control systems run Windows XP and Windows 2000 that have "auto run" features enabled by default making them an easy target for infection because malicious software loads as soon as a USB is plugged into the system unless operators change the setting (see Stuxnet). Many times, this includes turbine controls.
- Control system vendors use USBs to update firmware and other functions. There have been cases where the control system vendors' USBs contained malware.
- Little work has been done to determine if malware can impact control system performance. When do you care about the impact of the malware on control system performance?
- Patching control systems often is not done expeditiously because of the potential for shutting facilities down. Unfortunately this has already happened.
- There is a very significant cost when power plants and other large industrial facilities are not operating. This could be tens of thousands up to millions of dollars/day depending on the facility.

In this case, the IT department took the decision away from the plant manager and took action by default without looking at the situation or the business case.

Weiss concludes with the question, what if someone put even a placebo malware on a network with the sole intent of shutting down the process and IT shut the system down without a risk analysis?

Sponsored Recommendations

Why Go Beyond Traditional HMI/SCADA

Traditional HMI/SCADAs are being reinvented with today's growing dependence on mobile technology. Discover how AVEVA is implementing this software into your everyday devices to...

4 Reasons to move to a subscription model for your HMI/SCADA

Software-as-a-service (SaaS) gives you the technical and financial ability to respond to the changing market and provides efficient control across your entire enterprise—not just...

Is your HMI stuck in the stone age?

What happens when you adopt modern HMI solutions? Learn more about the future of operations control with these six modern HMI must-haves to help you turbocharge operator efficiency...

AVEVA™ System Platform: Smarter, Faster Operations for Enhanced Industrial Performance

AVEVA System Platform (formerly Wonderware) delivers a responsive, modern operations visualization framework designed to enhance performance across all devices with context-aware...