U.S. Power Companies Warned Nightmare Cyber Weapon Already Causing Blackouts
http://www.thedailybeast.com/newly-discovered-nightmare-cyber-weapon-is-already-causing-blackouts
Seven minutes before midnight last Dec. 17, a bomb of sorts went off in a high-voltage substation north of Kiev.
But if you were standing outside the 20 acres of gleaming metal transformers and coils, you wouldn't have heard a bang or seen a flash. It wasn't that kind of bomb. It was a piece of malicious software that had been hiding in a control-room computer miles away, waiting for the right time to reveal itself. At 11:53 p.m., the logic bomb transmitted a staccato burst of pre-programmed commands to the substation, popping one circuit breaker after another until a strip of houses in and around western Kiev were plunged into darkness.
Technicians responded to the Pivnichna substation and took the circuit breakers off computer control, restoring power a little after 1 a.m. It was only the second confirmed case of a computer attack triggering an electrical blackout, and compared to the first, 12 months earlier, also in Ukraine, it was a fizzle, affecting far fewer customers and for a fraction of the time. In the six months since the Kiev attack, security researchers have wondered why the hackers even bothered with such a fleeting disruption and speculated that someone was using Ukraine as a testing ground for a more serious attack.
Now that dark assessment seems to be confirmed. Researchers at two security companies on Monday announced they've finally found and analyzed the malware that triggered the Kiev blackout, and it's far worse than imagined. The computer code, dubbed "CrashOverride" by Maryland-based Dragos, and "Industroyer" by ESET in Slovakia, is a genuine cyber weapon that can map out a power station's control network and, with minimal human guidance, issue malicious commands directly to critical equipment. Only once before has the world seen malware designed for such sabotage, with the 2010 Stuxnet virus used against Iran's nuclear program. CrashOverride is the first to target civilians and the first such malware built to target a nation's power supply.
It's unclear who created CrashOverride. Both ESET and Dragos say it was built from scratch, leaving none of the usual fingerprints that allow analysts to link one hacking campaign to another. Ukraine has faced a near-biblical plague of cyberattacks since entering into hostilities with Russia three years ago, and many have led unequivocally to Moscow. But not so with CrashOverride. The only thing that's certain, says security researcher Robert Lee, CEO of Dragos, is that the malware wasn't built as a one-time weapon. It's designed from the ground up to be easily reconfigured for a variety of targets and contains some payloads that weren't even fired off in the Kiev attack.
"It's a nightmare," Lee said. "The malware in its current state would be usable for every power plant in Europe. This is a framework designed to target other places."
Throck
(2,520 posts)
TheDebbieDee
(11,119 posts)
Our nation could be crippled in a matter of days if only 2 or 3 good-sized cities were hit with power black-outs! The potential for expanding civil unrest would devastate and end us as a nation...
CrispyQ
(36,442 posts)
The_jackalope
(1,660 posts)
Russia has developed a cyberweapon that can disrupt power grids, according to new research
Hackers allied with the Russian government have devised a cyberweapon that has the potential to be the most disruptive yet against electric systems that Americans depend on for daily life, according to U.S. researchers.
The malware, which researchers have dubbed CrashOverride, is known to have disrupted only one energy system in Ukraine in December. In that incident, the hackers briefly shut down one-fifth of the electric power generated in Kiev.
But with modifications, it could be deployed against U.S. electric transmission and distribution systems to devastating effect, said Sergio Caltagirone, director of threat intelligence for Dragos, a cybersecurity firm that studied the malware and issued a report on Monday.
And Russian government hackers have already shown their interest in targeting U.S. energy and other utility systems, researchers said.
"It's the culmination of over a decade of theory and attack scenarios," Caltagirone warned. "It's a game changer."
CrispyQ
(36,442 posts)
And the Trumpskins do not give a rat's.
kristopher
(29,798 posts)
In the first place we are extremely cognizant of threats to our grid.
In the second we are moving with great deliberation to a much more redundant, resilient and stable grid designed around distributed renewable energy resources and island-able microgrids.
Thirdly, here is the study remark on the very limited expected effects:
"CRASHOVERRIDE could be leveraged at multiple sites simultaneously, but the scenario is not cataclysmic and would result in hours, potentially a few days, of outages, not weeks or more."
The_jackalope
(1,660 posts)
Ten years ago that might have been true. While the risk to the grid may be minimal now, dark forces never stop developing their capabilities. I'm far less copacetic about the future impacts of electronic hacks on essential systems, especially when the dark forces have already shown an interest in targeting them.
Panicking never helps, but I do think it might be a good idea to take the long-term risks seriously, and start putting in multi-layered defenses against something like this. Or we could wake up one morning to find the metaphorical equivalent of "Two Scoops Quisling the Puppet POTUS" sitting in the heart of our power grid. I'd rather that didn't happen.
kristopher
(29,798 posts)
...items of my previous post.