As if the threat posed by malware was not terrifying enough, researchers from the network security firm ESET said today that a Russian hacker group may have developed a way to take down the power grids of entire countries.
The researchers described the malware, dubbed “Industroyer,” as the most dangerous hacking weapon since Stuxnet. First identified in 2010, Stuxnet is a malicious computer worm that targets industrial computer systems and was responsible for causing substantial damage to Iran’s nuclear program.
In fact, the ESET researchers said the malware was responsible for a 2016 blackout that affected Ukraine’s capital city of Kiev for an hour. The researchers also said the malware could be reconfigured to attack other key infrastructure components as well.
“Industroyer is a particularly dangerous threat, since it is capable of controlling electricity substation switches and circuit breakers directly. To do so, it uses industrial communication protocols used worldwide in power supply infrastructure, transportation control systems, and other critical infrastructure systems (such as water and gas),” the company wrote in a blog post today.
Because Industroyer affects switches directly, the malware can inflict varying degrees of damage on a target country’s infrastructure, from simply triggering a temporary blackout, to causing cascading failures or serious damage to equipment.
The malware is able to attack infrastructure equipment so effectively because it uses the common industry protocols that were first designed decades ago, long before most systems were connected to the Internet. As a result, security had not been a major priority at the time they were implemented. In many cases, the hackers only need to learn how to program the malware to communicate with the protocols because there aren’t any security systems that they need to circumvent.
The ESET researchers characterized Industroyer as modular…