Thursday, 22 June 2017

Cyber Firms Warn of Malware That Could Cause Power Outages


Malicious Software – Easily Modified to Harm Critical Infrastructure

Two cyber security firms recently uncovered malicious software that is presumed to have caused a December 2016 Ukraine power outage, and cautioned that the malware could be modified with ease to harm critical infrastructure operations all over the world.

ESET, a Slovakian maker of anti-virus software, together with Dragos Inc., a U.S. critical-infrastructure security firm, released analyses of the malware, called Industroyer or Crash Override, and sent private alerts to governments and infrastructure operators to assist them in defending against the threat.

The U.S. Department of Homeland Security said that it was investigating the malware but had not seen any evidence to suggest that it had infected U.S. critical infrastructure. The two firms stated that they did not know who was behind the cyber-attack. Ukraine has put the blame on Russia, but officials in Moscow have constantly denied it.

The firms still cautioned that there could be further attacks using the same method, either by the group that built the malware or by imitators who alter the malicious software. ESET malware researcher Robert Lipovsky stated in a telephone interview that the malware was easy to repurpose and use against other targets, which was certainly alarming and could cause wide-scale destruction to organization systems that are dynamic.

System Compromised by Crash Override

That warning was verified by the Department of Homeland Security, which stated that it was working to better understand the threat posed by Crash Override. The agency said in an alert posted on its website that ‘the tactics, techniques and procedure described as part of the Crash Override malware could be modified to target U.S. dangerous information networks and systems’.

The alert listed around three dozen technical indicators that a system had been compromised by Crash Override and asked firms to contact the agency if they suspected that their systems had been compromised by the malware. Robert M. Lee, founder of Dragos, stated that the malware had the potential to attack power systems all over Europe and could be leveraged against the United States with small modifications.

Risk to Power Distribution Organizations

Lee further said by phone that ‘it is able to cause outages of up to a few days in portions of a nation’s grid but is not strong enough to bring down an entire grid of a country’. Lipovsky stated that, with modifications, the malware could attack other kinds of infrastructure, including local transportation providers and gas and water providers.

Alan Brill, a leader of Kroll’s cyber security practice, said in a telephone interview that power firms are concerned that there will be more attacks. He further added that they have been dealing with very smart people who came up with something and deployed it. It represents a risk to power distribution organizations everywhere.

Industroyer is only the second piece of malware uncovered to date that has the potential to disrupt industrial processes without the need for hackers to manually intervene. The first, Stuxnet, was discovered in 2010 and is generally believed by security researchers to have been used by the United States and Israel to attack Iran’s nuclear program. The Kremlin and Russia’s Federal Security Service did not reply to requests for clarification.
