Hackers Are Using Infected USB Drives to Attack Critical Infrastructure

AP Images

Government-sponsored hackers are using a clever trick to attack critical infrastructure like nuclear power plants, dams, and oil refineries. According to Eric Knapp, chief cybersecurity engineer at Honeywell, one third of malware found in critical infrastructure came from USB drives plugged in by users.

Instead of trying to hack the actual infrastructure, which has beefed up security, hackers target the corporate side of the infrastructure operation, which is typically more vulnerable. The specially crafted malware infects USB drives used by employees, then infects the control system of the critical infrastructure when one of those drives is plugged in on that side.

“There’s still a need for information to flow between the business and the control system,” Knapp told Bloomberg. “The bad guys know that they need to go in that way so they’re designing their attacks to take advantage of that.”

Advanced malware like Stuxnet, which was created by the United States and Israel, specifically targeted Iranian nuclear facilities. The virus looked like normal software to nuclear power plant operators, but it slowly degraded the plant, eventually leaving the Iranians with no other option than to shut it down.

In March, United States prosecutors accused an Iranian hacker of breaking into a dam in Rye, New York, one of the first publicly acknowledged attacks on U.S. infrastructure. The hacker didn’t get very far, probably because it was a broken-ass dam.

[Bloomberg]

Staff Writer, Gizmodo | Send me tips: william.turton@gizmodo.com

DISCUSSION

special_k_side

Uhm, most financial systems I have worked with lock themselves down when a USB drive is inserted into a BIOS-disabled USB port. I know, it is overkill, but how is this not more common with infrastructure?