CRASHOVERRIDE: Malware That Took Down A Ukraine Power Grid?
It seems as though there has been an increasing number of malware attacks and hacks over the last few years with the world becoming more interconnected. The most recent was the WannaCry Ransomware attack that locked out thousands of computers over 130 countries.
One attack late last year resulted in a power grid being shut down for an hour in Kiev, Ukraine just before Christmas. Researchers looking into the attack have finally uncovered more about the attack, and it could lead to a nightmare scenario in the wrong hands.
Ukraine has been subject to two major cyberattacks in 2015 and 2016, both believed to have been perpetrated by Russia and both resulting in the shutdown of major power grids. The first attack, though, was discovered to be a manual attack. The hackers in 2015 were able to physically access Ukraine's networks and utilities, manually shutting down electrical substations.
The 2016 hack, on the other hand, was a fully automated attack. The program was able to access to the network and issue commands to change power flow. As mentioned, this resulted in the loss of power to a Kiev power grid for nearly an hour before turning back on.
This was discovered by two cybersecurity firms — Slovakian firm ESET and Maryland's Dragos, Inc — and was named CRASHOVERRIDE. Aside from the capabilities, it was discovered that this was also a program similar to the Stuxnet program used in an attack on Iran's nuclear program in 2009. In both cases, the malware was discovered to be purposely built to attack physical systems.
While the attack was resolved quickly, the potential threat of the program is alarming. As mentioned, this is a program designed for a specific target and can issue commands. This means that circuit breakers are open targets for anyone using this, and if coded properly, can scale from a specific target to, possibly, an entire city.
The other potential discovered is that the program could cause physical damage to the target. This sort of damage could make a situation like what happened in Kiev worse because not only would the power be out, but it would stay out if the damage is done. Considering the sizable targets across the United States, this could be a nightmare scenario to government and security officials.
While there are steps that can be taken to try and prevent such an attack, this is just a stark reminder of how dangerous the modern world is for people in all walks of life.
Kevin Billings Tech Times editor Kevin Billings is a born geek at heart. Whether it's video games, movies, tv, comics, or tech, you will likely find Kevin there. And he feels gratified in his passions now that geek culture has come to dominate mainstream pop culture.