Meet Crash Override, the Superweapon of Hackers
Researchers have reported that hackers apparently allied with the Russian government have devised a cyber weapon that can heavily disrupt the world's electrical systems.
Researchers have dubbed the malware Industroyer or CrashOverride. It is believed to have disrupted the electrical system in Ukraine in December and temporarily shut down one-fifth of Kyiv's electric power. One cybersecurity firm, Dragos, reported that it has identified the malware and that Russian government hackers had shown interest in attacking power grids in other countries, including the United States.
Dragos, a security firm, has named the tool platform "Crash Override". It is the first known malware framework designed to shut down electric grid systems. Dragos researchers said it was successfully used in what might have been a dress rehearsal, a hack on an electrical transmission substation in Kiev on 17th December. Though the outage in Kiev lasted only a few hours, many features of the malware that were not used in the December hack are able to cause disruptions that could continue for a week. Arstechnica.com, in a post on June 13th, 2017, stated that Crash Override is an entirely new platform, much more advanced than the general-purpose malware the same group used to attack Ukraine's power grid in December 2015.
The researchers claim that this new malware can automate mass power shutdowns like the one in Ukraine's capital, and that it includes swappable plug-in components which could allow it to be adapted to different electrical utilities, easily reused, or even launched against several targets at the same time. They argue that those features suggest Crash Override could inflict outages far more extensive and longer lasting than the Kiev outage.
CrashOverride destroys the original program and starts issuing its own commands over the SCADA link, cycling through a range of circuit-breaker addresses, methodically tripping each of them, and then starting again at the top. Even if the control center sends its own commands to restore a circuit, CrashOverride will simply trip the breaker again, running continuously in an endless loop. Peterson said that he expects CrashOverride to motivate copycat efforts, specifically among nation-state attackers.
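The looping behaviour described above leaves a recognisable pattern in a control-command log. The sketch below is an added example, not code from Dragos or from the original article: it flags a source that sweeps across breaker addresses and starts over, and a source that re-opens a breaker shortly after another source restored it. The log layout, host names and thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample log: (seconds, source, breaker_address, command).
# Field layout and host names are assumptions, not a real SCADA log format.
SAMPLE_LOG = [
    (0, "hmi-1", 12, "OPEN"),             # isolated operator action
    (100, "host-x", 1, "OPEN"),
    (101, "host-x", 2, "OPEN"),
    (102, "host-x", 3, "OPEN"),
    (103, "host-x", 4, "OPEN"),
    (104, "control-center", 2, "CLOSE"),  # operator restores breaker 2
    (105, "host-x", 1, "OPEN"),           # sweep restarts at the top
    (106, "host-x", 2, "OPEN"),           # restored breaker tripped again
    (107, "host-x", 3, "OPEN"),
]

def detect_breaker_sweep(log, min_addresses=3, retrip_window=10):
    """Return alerts as (time, source, kind, address) tuples.

    kind is "sweep_loop" when a source re-opens an address after having
    opened at least min_addresses distinct ones (reported once per source),
    or "retrip" when a source opens a breaker within retrip_window seconds
    of a different source closing it.
    """
    opened = defaultdict(list)  # source -> addresses it has opened, in order
    last_close = {}             # address -> (time, source) of the last CLOSE
    looping = set()             # sources already reported for a sweep loop
    alerts = []
    for ts, src, addr, cmd in sorted(log):
        if cmd == "CLOSE":
            last_close[addr] = (ts, src)
            continue
        if cmd != "OPEN":
            continue
        closed = last_close.get(addr)
        if closed and closed[1] != src and ts - closed[0] <= retrip_window:
            alerts.append((ts, src, "retrip", addr))
        history = opened[src]
        if (addr in history and len(set(history)) >= min_addresses
                and src not in looping):
            alerts.append((ts, src, "sweep_loop", addr))
            looping.add(src)
        history.append(addr)
    return alerts
```

On a real network the thresholds would need tuning against normal switching activity, since planned maintenance can also touch many breakers in sequence.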
» SPAMfighter News - 6/16/2017