Skip to main content

Cyber firms warn ‘Industroyer’ malware could knock out power grids

malware industroyer critical infrastucture 13920697  high voltage post tower sky background
The December 2016 power grid hack in Ukraine that plunged part of that nation’s capital, Kiev, into darkness for several hours was an alarming display of the capabilities of skillful hackers determined to bring chaos to communities by knocking out critical infrastructure.

On Monday, two cyber security companies — Slovakia-based anti-virus software outfit Eset, and American firm Dragos that deals with critical-infrastructure security — claimed to have identified the malware that caused the disturbing power outage.

Related Videos

Known by the names Industroyer and Crashoverride, they warned that it could be repurposed with little effort by other groups intent on causing further havoc around the world targeting not only power supply operations, but also water and gas systems, and transportation networks.

Industroyer is believed to be considerably more advanced than the malware used in another attack on Ukraine’s power grid a year earlier, in December 2015.

Eset said it’s been studying the malware for a number of months and recently shared its data with Dragos, leading it to conclude that it’s same as that used in the Ukraine incident in 2016.

Robert Lee of Dragos suggested this week that the Kiev transmission substation targeted in last year’s incident “may have been more of a proof of concept attack than a full demonstration of the capability in Crashoverride,” though at this stage he said he couldn’t be certain.

Either way, Eset senior malware researcher Anton Cherepanov said the Kiev attack “should serve as a wake-up call for all those responsible for the security of critical systems around the world.”

The researcher described Industroyer as particularly concerning because “it’s capable of controlling electricity substation switches and circuit breakers directly. To do so, it uses industrial communication protocols used worldwide in power supply infrastructure, transportation control systems, and other critical infrastructure systems (such as water and gas).”

The work of Eset and Dragos highlights the need for governments around the world to bolster their defenses against highly damaging cyberattacks capable of causing widespread disruption to critical infrastructure. Rather than for monetary gain, such acts of cyberwarfare are often thought to be backed by nation-states as they have the potential to cause chaos within society and reduce a population’s confidence in its own government. It’s not certain who’s behind the Ukraine cyberattacks, though coming during a period of conflict with neighboring Russia has prompted some to suspect it could be the work of hackers based there.

News of the security firms’ discovery led the U.S. Department of Homeland Security to contact all critical infrastructure operators to ensure they are following recommended security procedures, Reuters reported on Monday.

Cherepanov added that hackers “could adapt the malware to any environment, which makes it extremely dangerous.”

Editors' Recommendations

You could be creeped out by Bing Chat on the go soon
Microsoft Edge browser is open on an iPhone.

Microsoft's latest changes to Bing Chat must be making the company feel more comfortable with the AI's stability. Microsoft is pressing forward, it seems, as a mobile version has been spotted by a few people who received early access.

Microsoft announced in a February 7 blog post that a mobile experience would be available soon. Less than two weeks later, it is beginning to arrive, despite the recent trouble with Bing Chat becoming unhinged and declaring that it wants to be human.

Read more
Experts fear ChatGPT will soon be used in devastating cyberattacks
The ChatGPT name next to an OpenAI logo on a black and white background.

ChatGPT has taken the world by storm in recent months, but just as it has amazed people with its technical capabilities, concerns have also been raised over its potential misuse. Now, it seems some IT leaders are worried it will soon be used in major cyberattacks, with the potential to cause devastation in the future.

In a survey of 1,500 IT and cybersecurity professionals conducted by BlackBerry, 51% of respondents believed that ChatGPT will be responsible for a successful cyberattack in the next 12 months. As much as 78% feel that attack will happen within two years, while a handful think it could happen within the next few months.

Read more
Hack involved the data of a nation’s entire population
A depiction of a hacker breaking into a system via the use of code.

Hackers are well known to nab customer data held by companies, but obtaining the personal data of pretty much all of the residents of a single nation in one fell swoop takes the nefarious practice to a whole new level.

The remarkable feat was allegedly performed by a 25-year-old Dutch hacker who, when arrested by police, had in his possession personal data linked to pretty much every resident of Austria -- about nine million people.

Read more