Power grid virus

Seems parts of the worlds power grids are ready and primed with a nice attack vector and are just waiting for the kill code…..


The shutdown of Ukraine’s power grid last year was just a warning shot for the world.

Say hello to Industroyer, a nasty bit of malware that also goes by the name Crash Override. It targets circuit breakers and is able to hijack electrical systems from afar by taking advantage of communication protocols for power supply infrastructure, transportation controls, and water and gas systems used all over the world, according to cybersecurity researchers who posted their discovery on Monday.

We blogged about the Ukraine attack back in March 2016.

What impressed me back then was the deliberate patience of the guys behind the attack. This was no rush job by some power giddy script kiddies.
Seems we are in for more of the same.

The researchers who discovered Industroyer warn it can be used to do significant damage to electrical power systems, and can be modified to hit other kinds of infrastructure. That makes it the biggest threat to industrial systems since Stuxnet in 2010.

“Attackers could adapt the malware to any environment, which makes it extremely dangerous,” wrote Anton Cherepanov, a malware researcher at IT security company ESET.

Here is the telling bit (to me);

From the way Industroyer is written, ESET suspects the authors know a lot more about power grids than the average hacker.

“This malware is definitely the work of extremely dedicated, resourceful and capable attackers with deep knowledge of the architecture and systems in power grid substations,” said Robert Lipovsky, an ESET researcher.

Its features are so hidden that the infected system believes everything is normal, and Industroyer wipes all its traces once the job is done. Some of its tricks include creating an additional backdoor, disguised as the Notepad application. It can also be written to only work during non-working hours, so people can’t stumble across it in action.

Its “time bomb” feature lets the hackers coordinate and set off attacks simultaneously, potentially causing massive outages in multiple areas.

“The recent attack on the Ukrainian power grid should serve as a wake-up call for all those responsible for the security of critical systems around the world,” Cherepanov said.

We are getting to the point where the guys that used to work in the system are now retired, jaded with the way ‘the man’ has taken the prime of their lives and they are out to say farewell to the world in a rather spectacular manner…. There is little point having all this knowledge of ‘the system’ in your head and not being able to use it, you are no longer appreciated for what you know or for your past service, so why not press that knowledge into one last hurrah.

The old joke about the last person leaving the country turning out the lights…. Yeah, not as funny now as then….