Nuclear power plants finally infected with malware

[Human No More]

Actually, controlling USB devices is trivial if you throw money at it or have a good build process - or just have software report on connected USB devices so you can isolate the responsible PC and send security over

Skype uses a specific port range and is really not hard to detect; it even requires a return port to be forwarded for it to be used for incoming calls.

Nobody said anything about ' automatically detect malware and then set SCADA devices to a safe state' - you're building straw men again.

Remember, if parameters go out of the safe range, it causes a shutdown; not initiates. If someone turns terrorist and tries to disable pumps, that would just shut it down once the coolant is too low, which is not SCADA-controlled. I have already admitted that yes, some reactors are still in operation that certainly should not be due to age, but that is simply due to underinvestment and the weakness of all other forms of energy generation that do not use oil and gas. Equally, yes, the terrorist would likely cause a localised power outage, but they could do the same at any energy type far more easily.

If someone wants to use a printer and brings in a flash drive, he is not only directly violating policy and at risk of being fired, but if their admin is anywhere near competent, he will have locked down USB access, have reporting software to show any attempted access to removable storage or services like dropbox, and audit logs of actions.

In Iran, the centrifuges were for refinement and not part of a reactor; they also shut down safely even if they did sustain damage - remember, this was a system set up by a literal rogue state run by people still stuck in the 16th century, and yet nothing bad happened even there.

Nothing is provably completely secure, yes, which is exactly why failsafe systems are built in that do not rely on humans.