New Strain of Malware Can Take Power Stations OfflineCrash Override disabled part of the electrical grid in Ukraine last year, and many more power stations could be susceptible, according to security experts.
ByTom Brant•
This story originally appeared onPCMag
A new strain of malware is responsible for a computer malfunction that triggered a power outage in Ukraine last year, according to security firms, who believe that it could be used to disrupt power grids in the U.S. and elsewhere.
The malicious software, codenamed Crash Override, is the second malware program that can disable industrial systems like power plants, according to areportfrom the software security firm Dragos. The first, calledStuxnet, was reportedly developed by the U.S. government and successfully used to disable parts of the Ukranian power grid in 2015.
It's unclear who is behind the Crash Override attack, which took place last December. Ukrainian officials have accused Russia of orchestrating it, which Moscow has denied,Reutersreported. Dragos identified a hacker cell known as Electrum as the malware's authors, and it suspects that the group is related to the Sandstorm hackers responsible for the 2015 attack.
Crash Override works by hijacking a power plant's computers in order to create a software loop that forces its circuit breakers to stay open, thereby taking the plant offline, according to the Dragos report. The only way to stop it is for a repair crew to manually assume control of the breakers to close them. Crash Override's methods could likely work for any power station with computer-controlled breakers, and could even be expanded to affect other industrial plants.
“这是一个镍ghtmare," Dragos CEO Robert Lee told theDaily Beast. "The malware in its current state would be usable for every power plant in Europe. This is a framework designed to target other places."
The North American Electric Reliability Corp., the industry group responsible for power grid security in the U.S., said that is aware of the malware and working with its member companies to come up with a defense, according to theDaily Beast.
