Computer Virus Threatens Power Grid in Australia


« Computer Security Researchers Take Control of a Botnet | Main | Largest Phishing Ring Busted by FBI »

10/07/2009



Computer Virus Threatens Power Grid in Australia

Kevin R. Smith
Co-Editor


Just a few days into October and already there's news of a computer virus attack that's,

"...wreaking havoc with Integral Energy's computer network, forcing it to rebuild all 1000 of its desktop computers before the 'particularly sinister' bug spreads to the machines controlling the power grid."

Yuck.

We learned of this from the Sydney Morning Herald, one of Australia's most highly regarded daily newspapers.

The article quotes an Integral Energy spokesman as saying they had to, rebuild all desktop computers to contain and remove the virus.

Double yuck.

Now, if you're like me, one of the first questions you'll likely ask is, "Didn't they have antivirus software installed?"

Well, according to the article, yes. In fact.

"Integral Energy said the virus was the W32.Virut.CF strain, which computer security company Symantec describes on its website as 'a particularly sinister file infector' that spreads quickly and 'is proving difficult to remove from infected networks'.

"Ironically, Integral Energy's computer networks are protected by a Symantec security solution, a source said. Symantec has had a virus signature for W32.Virut.CF since February."

[Editor's note: Symantec is perhaps best known for their A/V software Norton Antivirus.]

This brings up the next question: How did the virus evade detection by the antivirus security software. Although I don't have evidence of this, typically, corporations don't run the consumer version of software but so-called "corporate" editions, which commonly have advanced heuristics and central management consoles for managing all the desktops from one central location.

In many cases, when antivirus firewall software is installed into a corporate environment, the software may even be the Internet security suite version of a particular product.

 Given that they were probably running business antivirus software, I'm even more puzzled how it went undetected. Was this really a case where:

  1. the antivirus software failed
  2. human error allowed it to go unnoticed
  3. an insider intentionally set the virus loose on the network
  4. some combination of the above

We'll be following this story closely to see what develops. Hopefully, more light will be shed on this outbreak so we can help our business and home users alike prevent such a PC virus from hitting their computers.

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a0133f40d81f4970b013487649103970c

Listed below are links to weblogs that reference Computer Virus Threatens Power Grid in Australia :

Comments

You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.