Dive Summary:
- A new report from the Department of Homeland Security shows that during the fiscal year ending on September 30, 2012, 198 cyber incidents were reported by companies to the department's Industrial Control Systems Cyber Emergency Response Team, and more than 40% of those attacks involved the energy sector.
- Attacks at an electric utility and power generation facility involved infections from USB devices in situations were companies believed that their systems were secure.
- An October incident saw a virus compromise a turbine control system, impacting about ten computers after malware entered through a third-party technician using a USB drive.
From the article:
"... The report detailed a number of recent discoveries of malicious software in control systems, including one at an electric utility and another at a power generation facility, both of which were infected by USB devices. Like many organizations, these energy companies believed they had effectively quarantined the networks controlling production facilities from their business IT networks. ..."
