Since last year, Ukraine has suffered a number of power failures because of various cyber attacks. In December 2016, hackers, allegedly from Russia, caused a deliberate power cut in a number of Ukrainian households. The month was chosen deliberately because it is the coldest of the year. Recently, the malware that caused the power outage was detected in the wild. It has been named “Crash Override” by the security firm Dragos.
No electric grid had been attacked by malware before. Crash Override, the first of its kind, can be expected to cause serious disruption if used in sabotage operations. The power cut on December 17 in Kiev, the capital of Ukraine, was only a trial run of this malware. Because not all of the malware’s features were enabled, the outage lasted only a few hours; the malware is capable of causing disruption that lasts for several weeks.
Crash Override bears little resemblance to the general-purpose tools used by the same group of hackers to attack Ukrainian electric grids in December 2015. It speaks the same supposedly impenetrable protocols that grid equipment uses to communicate with one another. The malware can also be adapted to different environments easily, which makes it especially dangerous. Crash Override, also known as Industroyer, takes advantage of the fact that traditional industrial setups were not designed with security in mind. Once an attacker has control of the power grid’s network, there are no passwords or encryption to bypass: everything is open for use. Disruption caused by this malware can directly affect critical services.
Its operation is stealthy enough that the affected system does not even register its presence. Once the attack has been carried out, it can completely wipe data. It also installs an additional backdoor disguised as the Notepad application. Finally, it causes targeted systems to report incorrect information, which prevents operators from troubleshooting the actual problem.
The latest cyber attack did not have disastrous consequences, but it has given a hint of what this malware is capable of. Almost one fifth of the power generated by Ukraine was shut down by Crash Override.