Russian malware ‘likely’ to blame for Ukrainian power grid attack


Russian-aligned hackers have built a cyberweapon that can directly control electricity substation switches and circuit breakers — potentially bringing swathes of a country’s population offline and causing massive disruption.

The malware, dubbed “Industroyer,” targets critical power supplies by attacking industrial communications devices used on a power network.

The malware works in four modular parts, said researchers at security firm Eset in a Monday blog post. At its core is a backdoor that allows the other components to be installed; these are remotely controlled by a command server hosted on the Tor anonymity network, making it almost impossible to trace. Hackers can use the malware to trigger a series of “cascading failures,” forcing power supplies offline and damaging equipment.

That’s largely what happened in 2015, when hackers — said to be associated with Russia — attacked a critical power supply in Ukraine, during a time when relations between the two states were fractious after Russia annexed the Crimean peninsula in 2014.

Researchers are now saying that the Industroyer malware was “likely” behind that cyberattack in Ukraine, which left more than 225,000 customers in the dark two days before Christmas.

But the security researchers have warned that the attack may have been a “large-scale test,” and could be easily “refitted to target other types of critical infrastructure.”

“The recent attack on the Ukrainian power grid should serve as a wake-up call for all those responsible for the security of critical systems around the world,” said Anton Cherepanov, a senior malware researcher at Eset.

In areas of high population, researchers say there could be significant harm to vital services, like hospitals and transport.
