Following an investigation by the Department of Homeland Security, an unidentified power company found that a hostile computer virus was to blame for the shutdown of a turbine that brought a power plant in its system offline.
A contractor hired to work for the utility unwittingly introduced the virus into the system via a compromised USB drive containing the virus, according to the DHS’ report. The drive contained “phishing” software used by scam artists to gain access to people’s personal information in the furtherance of identity theft.
The report did not publicly reveal the location of the plant or the name of the utility operating it.
According to reports, the DHS arm that handles cyber crime, the Industrial Control Systems Cyber Emergence Response Team or ICS-CERT, responds to nearly 200 cyber incidents reported by companies in the energy sector – many of which specifically target employees.