Malware threatens power systems
Hackers allied with the Russian government have devised a cyberweapon that has the potential to be the most disruptive yet against electric systems that Americans depend on for daily life, according to U.S. researchers.
The malware, which researchers have dubbed CrashOverride, is known to have disrupted only one energy system — in Ukraine. In that incident, the hackers briefly shut down one-fifth of the electric power generated in Kiev.
But with modifications, it could be deployed against U.S. electric transmission and distribution systems to devastating effect, said Sergio Caltagirone, director of threat intelligence for Dragos, a cybersecurity firm that studied the malware and is issuing a report this week.
And Russian government hackers have already shown their interest in targeting U.S. energy and other utility systems, researchers said.
“It’s the culmination of over a decade of theory and attack scenarios,” Caltagirone warned. “It’s a game changer.”
The revelation comes as the U.S. government is investigating a wideranging, ambitious effort by the Russian government last year to disrupt the U.S. presidential election and influence its outcome. That campaign employed a variety of methods, including hacking hundreds of political and other organizations, and leveraging social media, U.S. officials said.
Energy-sector experts said the industry is seeking to develop ways to disrupt attackers who breach their systems.