Several offshore oil rigs have been infected with malware accidentally downloaded from its workers’ personal computers. The malware seems to be originating from pirated videos and music that has been downloaded through the satellite connections used by the rigs, as well as pirated material that were already existing on the workers' computers. These malware attacks shed light on several security gaps that could lead to serious dangers, from well blowouts to fatalities.
The malware attacks have knocked several oil rigs and platforms offline. A facility in the Gulf of Mexico has their systems locked up due to the malware. Misha Govshteyn, co-founder of Alert Logic – a network security company, says “They literally had a worm that was flooding their network, and they’re out in the middle of the ocean."
Jack Whitsitt, the principal tactical analyst for the National Electric Sector Cybersecurity Organization, stated that typical malware infections may not seriously affect the systems, but there could be a tailored attack, that involves widely distributing malware, that could cause extreme damages. A good example would be the Stuxnet worm that infected computers connected to centrifuges at an Iranian nuclear facility. The worm used the infected computers to manipulate and destroy many of the centrifuges. Because of an incident like that, Whitsitt wants to take all of the steps necessary in ridding the malware from the oil rigs' systems and protecting the systems from future attacks.
Many of these malware attacks could have been prevented with anti-virus systems and updated system software. However, it seems that many of the infected oil rigs opted against investing into cyber-security systems, which is why an outbreak of malware like this was able to occur. The infected oil rigs, and many rigs who currently don't have cyber-security protection, will begin to take cyber threats seriously in the future in order to prevent an incident like this from occurring in the future.
[via Houston Chronicle]