What is it with hackers trying to sabotage or control everything?
Way back, there was Stuxnet, which was responsible for causing substantial damage to Iran’s nuclear program. It does not stop there: Stuxnet is a computer worm that targets industrial control systems, which are used to monitor and control large-scale industrial facilities like power plants, dams, waste processing systems and similar operations.
And now malware has evolved to a whole new level. Cyber security researchers have found real-life evidence of malware that was able to take down a portion of the electric transmission station north of the city of Kiev. The attackers were able to black out a fifth of its total power capacity for an hour. What is alarming is that it seemed to be only a dry run, given that they could have taken it down indefinitely. Mind you, this happened a week before Christmas in 2016.
An excerpt from a wired.com article states:
“Cybersecurity firms ESET and Dragos Inc. plan today to release detailed analyses of a piece of malware used to attack the Ukrainian electric utility Ukrenergo seven months ago, what they say represents a dangerous advancement in critical infrastructure hacking. The researchers describe that malware, which they’ve alternately named “Industroyer” or “Crash Override,” as only the second-ever known case of malicious code purpose-built to disrupt physical systems. The first, Stuxnet, was used by the US and Israel to destroy centrifuges in an Iranian nuclear enrichment facility in 2009.”
Think of it this way: since the proof of concept has been run and found to be successful, others would follow suit. The code can be compartmentalized so that its parts are swappable to suit the attackers’ needs, according to the specific target they want to take down. It can take down larger power-grid installations, and it could possibly spread over a wider area with longer-lasting effects.
As I mentioned earlier, it can be compartmentalized; that is to say, it is modular and adaptable to suit their needs, so it can be used on any critical infrastructure all around the world. In a nutshell, the attack has been developed into a platform that in turn can be updated to accommodate future attacks.
Although this is not the first time a power grid has been taken down, this is the first time it has been done in an automated way. Previous attempts were made by breaking into the facility and turning it off manually.
Dubbed “Crash Override”, it could perform blackout attacks systematically, through the digital network. What is to stop them from targeting a larger region?
Learning from the way Stuxnet carried out its attack, Crash Override can do the same. They could make it more portable and inject it into a system not connected to the internet, which is pretty much what is known in the computer world as a “logic bomb”. It can be pre-set to do whatever it is designed to do.
One thing is for sure, according to cyber security researchers: once Crash Override has infected Windows machines on a victim’s network, it automatically maps out control systems and locates target equipment. The program also records network logs that it can send back to its operators, to let them learn how those control systems function over time.
What was once thought of as science fiction that only happens in the movies is now reality. Should we be scared and alarmed? In my opinion, YES. If this is going to be a fast-paced trend anytime soon, nobody knows what our future will be without electricity. What else can they think of next to cause chaos?