Two American Power Stations Impacted by Malware Attacks in 2012

Friday, January 25, 2013

BBC News reports that the latest quarterly newsletter of the U.S. Industrial Control Systems Cyber Emergency Response Team (the ICS-CERT Monitor), produced by the Department of Homeland Security, details two power plants in the United States affected by malware attacks in 2012. According to the ICS-CERT Monitor, at one power generation facility, “both common and sophisticated malware had been discovered in the industrial control system environment.” The newsletter further explains that the “malware was discovered when an employee asked company IT staff to inspect his USB drive after experiencing intermittent issues with the drive’s operation.” The result was the discovery of malware that included “one sample linked to known sophisticated malware.”

In the second reported incident, ICS-CERT was contacted “to report a virus infection in a turbine control system which impacted approximately ten computers on its control system network.” The subsequent investigation by the ICS-CERT team revealed that “a third-party technician used a USB-drive to upload software updates during a scheduled outage for equipment upgrades. Unknown to the technician, the USB-drive was infected with crimeware. The infection resulted in downtime for the impacted systems and delayed the plant restart by approximately three weeks.”