Last December, hackers targeted an electric transmission station in Ukraine, causing approximately one-fifth of the city to go dark. Earlier this month, Cyber security firms DSET and Dragos Inc. released a report on the malware, suggesting an alternative utility for the event.
They’re calling the attack a potential “dry run” for the malware to be adapted and used on a larger scale. “Nothing about this attack looks like it’s singular,” said Robert M. Lee of Dragos.
Nicknamed “Industroyer” or “Crash Override”, it is only the second known malware that targets industrial control systems in order to disrupt their functioning. Stuxnet captured the attention of cyber security exerts after its existence was made public in 2010. The US-Israeli worm however was released for military purposes, to delay the enrichment of uranium needed for the production of nuclear weapons in Iran. The world of nuclear weapons and the world leaders who wield them operates somewhat outside the civilian sphere. Malware that affects public infrastructure, however, has the potentiality to be wide-reaching.
Ukraine is not a stranger to Russian-initiated blackouts. In 2015 hackers remotely controlled power grids to deprive 225,000 people of power. This specific malware functions by scanning industrial systems, manipulating their settings, and opens circuit breakers to cause the power cut. Once the malware infects a Windows machine on the target’s network, it can map and obtain network logs and send the information back to the proverbial mothership.
Crash Override’s newfangled ability to both physically affect power grids and serve the function of an information-driven computer network operation should serve as a wake-up call. The successful one-hour long operation in Ukraine could serve as a springboard for affecting infrastructure in Europe or North America.
Some nations have built their critical infrastructure to be more resilient to disruption, however. The United States and many coast-bearing nations prepare themselves for natural disasters and for operating infrastructure manually, instead of relying on software.
Politicians often spout imaginary disaster scenarios to encourage funding resilient infrastructure, but it seems a real weapon is looming over the West. “It’s the culmination of over a decade of theory and attack scenarios,” Caltagirone told the Washington Post. “It’s a game changer.”
By Kate Dinnison