Schneider Electric has admitted that some of its USB drives may have been infected with malware. The drives, which house user guides and ‘non-essential software', were compromised at a supplier facility.
“Schneider Electric has determined that some USB removable media shipped with the Conext Combox and Conext Battery Monitor products were contaminated with malware during manufacturing by one of our suppliers,” said the company. “The malware
should be detected and blocked by all major anti-malware programs.”
Despite the simplicity of the malware, Scheider Electric is advising users not to load up the drives. In fact, it tells them to ‘securely discard' them and download the information from its site instead.
A Microsoft Partner
For the unfamiliar, Schneider Electric provides data center, residential, and healthcare solutions to reduce energy wastage. It has previously collaborated with Microsoft to power digital transformation in enterprise. Context ComBox is a communications and solar monitoring device. Battery Monitor is exactly what it sounds like.
As you would expect, security is important in the electricity industry, but the products affected aren't necessarily enterprise-focused. Due to the lack of sophistication, customers aren't at huge risk, but it does highlight the need for better checks and balances.
Unfortunately, though, this comes off the back of a more serious vulnerability. Last week, Schneider admitted vulnerability to CVE-2018-7789. The security flaw is present in its Modicon M221 logic controller and allows for remote reboots. An attacker could use it to disrupt industrial control systems, which is much more serious.
With sophisticated attacks from nation states become more common, it's important that companies constantly innovate on their product's security. You can only imagine the damage if the malware was more sophisticated.
You can read the full disclosure here.