Hackers have developed powerful malware that can shut down electricity distribution systems and possibly other critical infrastructure, two cyber-security firms announced Monday, with one report linking it to Russia.
Security researchers from ESET and Dragos have discovered a brand new malware strain that was specifically built to target equipment installed in power grids, and which has already been deployed in live attacks in Ukraine.
These attacks took place on December 17, 2016, and have shut down electrical power distribution to a large area of Kiev, Ukraine's capital.
The incident must not be confused with another cyber-attack that targeted Ukraine in December 2015, which also shut down power supply to large areas of western Ukraine. Those incidents were caused by another ICS malware named BlackEnergy.
2016 attacks caused by Industroyer malware
The strain detected in December 2016 was found by ESET security researchers, who named it Industroyer. ESET says the malware does not share code with BlackEnergy and appears to have been created from scratch.
Experts say Industroyer was designed to target only a specific set of industrial equipment, usually found in the networks of power distribution companies, such as electricity substation switches and circuit breakers.
In a survey last year, Dragos experts found that most industrial systems get infected with malware by accident, and it's usually with commodity malware such as worms, trojans, and ransomware that infect computers controlling ICS/SCADA gear, and not necessarily the equipment per se.
According to Shodan.io founder John Matherly, there are over 100,000 different types of industrial control systems currently connected to the Internet.
0 comments:
Post a Comment