Hackers believed to be allied with the Russian government have devised a cyberweapon that has the potential to be highly disruptive against the world's electrical systems, researchers have reported.
The malware, which researchers have dubbed CrashOverride or Industroyer, is known to have disrupted the electrical system in Ukraine in December, briefly shutting down one-fifth of Kyiv's electric power.
Dragos, one of the cybersecurity firms that identified the malware in a report on June 12, said Russian government hackers had shown an interest in targeting power grids in other countries as well, including the United States.
The malware is capable of attacking power systems across Europe and Asia, and "with small modifications" could be used in the United States to cause outages of up to a few days in portions of the grid, Dragos said.
With modifications, the malware could also attack other types of critical infrastructure, including local transportation providers, water systems, and natural gas suppliers, Dragos said.
News of the discovery prompted the U.S. Department of Homeland Security on June 12 to advise all critical infrastructure operators to make sure they were following recommended security practices.
Dragos named the group that created the new malware Electrum, and said it had high confidence that Electrum used the same computer systems as the hackers who attacked Ukraine's electrical grid in the earliest known incident in December 2015.
The 2015 attack, which left 225,000 customers without power, was carried out by Russian government hackers, U.S. researchers have concluded, and was linked to a group called Sandworm, which is believed to be associated with the Russian government.
Dragos said Sandworm and Electrum might be the same group, or two separate groups working within the same organization, but the forensic evidence shows they are related.
The malware samples from the 2016 attack in Ukraine were first obtained by ESET, a Slovakian research firm, which shared some of them with Dragos. ESET has dubbed the malware Industroyer, while Dragos calls it CrashOverride.
Industroyer or CrashOverride was specifically tailored to disrupt or destroy industrial-control systems, and represents the most powerful threat since Stuxnet, a worm created by the United States and Israel to disrupt Iran’s nuclear capability.
The utility companies have all the rights of way already in place. You could build three separate systems, in case one, or two, got damaged. Bury them 3 feet underground, inside schedule 80 PVC pipe. You won't cut that without using a backhoe, or drill attachment on a tractor. A foot of concrete poured over it would make accidentally cutting it a very rare event. It would last thousands of years down there. And the construction would employ thousands of people and take a long time. But it would be well worth it. If we can build 45,000 miles of Interstate Highways, we can build the Powernet. And unlike roads, once built, Powernet will require little maintenance.
I would keep any needed command and control centers well inland, so that in the event of a surprise nuclear attack, they could function as long as possible. You could put them inside mountains, so that only a major nuclear power like Russia or China would have missile guidance systems accurate enough to destroy them with a nuclear near miss. The Russians and Chinese are unlikely to attack, since they know our submarines would vaporize them inside nuclear fireballs an hour later. Lesser powers, like North Korea, might try an attack as they are going down in a conventional war. And spending a few billion extra to drill into mountains will put more people to work. It wouldn't be as expensive as something like NORAD, or what Putin and Xi have.
I don't care if it adds a couple of dollars a month to my electric bill. It would be the best investment the US government ever made, because eventually, hackers from somewhere will find a way to shut the grid down. That will kill many millions. The clock is ticking.