On Monday, two cybersecurity firms announced that they had discovered malicious software that may have caused the December 2016 Ukraine power outage. They also issued a worldwide warning that hackers are modifying malicious software to harm important infrastructure operations. ESET, a Slovakian anti-virus software maker, and Dragos Inc, a U.S. critical-infrastructure security firm, released a detailed analysis of the malware, which is reportedly named Industroyer or Crash Override. The firms also sent private alerts to governments around the world so that they could prepare.
Malicious software even more dangerous
The U.S. Department of Homeland Security said it is currently investigating the situation and the malware. So far, however, it has found no evidence that the malware has affected any important infrastructure in the country. The two cybersecurity firms also reportedly don’t know who might have been behind the attack. At the time, Ukraine blamed Russia, as expected, but Russian officials have strongly denied any involvement. Still, both firms warned that more such attacks could follow in the near future, either from the same group or from others who have found out how to copy the original group’s method.
ESET malware researcher Robert Lipovsky said that the malware is easy to repurpose. It can then be used for many other harmful aims and against many other targets, which is the most alarming aspect. Damage to important infrastructure around the world is not something to be joked about or ignored. The Department of Homeland Security also said that it is currently working to understand and reduce the threat posed by this malware. In an alert on its website, the agency stated that the malware can be modified and can also attack vital U.S. information systems and networks.
Understanding the threat
Dragos founder Robert M. Lee also warned that this malware can attack power systems all over the world, which could leave us all in complete darkness. At the same time, Lipovsky warned that, with the right modifications, the malware could attack other vital types of infrastructure, such as transportation, water and gas providers. Alan Brill, a leader of Kroll’s cyber security practice, said that power firms are worried that more such attacks might follow.