Researchers: We've discovered power grid-wrecking software


June 12, 2017

PARIS (AP) — Researchers have discovered a troubling breed of power grid-wrecking software, saying in a report published Monday that the program was very likely responsible for a brief blackout in Ukraine late last year.

The malicious software has the ability to remotely sabotage circuit breakers, switches and protection relays, the report said, a nightmare scenario for those charged with keeping the lights on.

"The potential impact of malware like this is huge," said Robert Lipovsky, a researcher who helped draw up the report for Slovakian anti-virus firm ESET. "It's not restricted to Ukraine. The industrial hardware that the malware communicates with is used in critical infrastructure worldwide."

Policymakers have long worried over programs that can remotely sabotage industrial systems because of their potential to deal catastrophic damage across the internet. Examples of hackers being able to turn off the lights were once confined to the movie screens, but that is slowly changing. In 2010 researchers discovered Stuxnet, a groundbreaking piece of malware apparently designed to sabotage Iran's nuclear program by sending its centrifuge machines spinning out of control.

Last year's power outage appears to have been a sequel to Stuxnet. Ukrainian officials have already described the Dec. 17, 2016, outage at a transmission facility outside Kiev, the capital city, as a cyberattack. The report drawn up by ESET and Dragos, Inc. — a Maryland-based firm that specializes in industrial cybersecurity — adds technical details, saying that the malware was designed to communicate directly with industrial control systems, flipping circuit breakers on and off with a string of code before mass-deleting data in a bid to cover its tracks.

The level of sophistication needed to write code for the generally obscure industrial controllers that operate the world's electrical grids suggests a group of hackers well-versed in the field and with the resources to test their creations in the lab, the report said.

Lipovsky declined to be drawn on who might be behind the malware, although Ukrainian officials have in the past laid the blame for such intrusions on Russia.

Ukrainian officials didn't immediately return a message seeking comment on the report.

Despite the malware's sophistication, the 2016 incident had relatively little impact.

"Maybe it was a test," said Lipovsky, before adding that that was no reason not to take the malware seriously.

"This could affect hundreds of thousands of people," he said.



Raphael Satter is reachable on:

