4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: Homeland Security Finds U.S. Power Grid Vulnerable to CrashOverride Malware

On June 12th, the U.S. Department of Homeland Security issued a warning to power grid operators and electric utilities concerning a newly surfaced malware called CrashOverride (aka Industroyer). Only, it’s not entirely new. The world has seen this before and the fallout from it is concerning.

The warning comes from the Computer Emergency Readiness Team’s (CERT’s) National Cybersecurity and Communications Integration Center (NCCIC). It cites public reports from ESET and Dragos describing “a new highly capable Industrial Controls Systems (ICS) attack platform that was reportedly used in 2016 against critical infrastructure in Ukraine.”

You may recall a similar incident that hit the news not too long ago, when workers at a Ukrainian power distribution center watched helplessly as hackers took control of their computers and used them to shut down heat and power for over 230,000 citizens. Though the power wasn’t out for very long (somewhere between one and six hours, depending on location), the control centers were still suffering from the attack several months later. In addition to turning off the power, the hackers also overwrote crucial firmware, which left 16 substations unresponsive to remote commands. This was the first confirmed instance of hackers successfully taking down a power grid, and the attackers are thought to have been very meticulous and sophisticated in carrying it out.

Last year, the FBI began a campaign to raise awareness of the potential issue by briefing electrical power companies on the risk, although at the time the possibility of such an attack hitting the United States was deemed improbable. Thankfully, there is currently no evidence to suggest that this malware has affected critical infrastructure in the U.S., but the recent CERT warning suggests that such an attack has grown more probable. The risk is that CrashOverride’s tactics, techniques, and procedures (TTPs) could be modified to target vulnerabilities in U.S. critical information networks and systems.

To give you an idea of how dangerous the malware is, the Dragos report links it to the group responsible for Sandworm, a wicked zero-day vulnerability that executed code on affected systems and opened a backdoor for later access. That threat used phishing attacks and could spread between networks, with the goal of disrupting systems and stealing sensitive information.

In the CERT warning, the recommended way to handle CrashOverride is for utility companies to take a proactive stance on cybersecurity, including implementing techniques for preventing and identifying malware. In truth, this is the same approach to cybersecurity that we recommend for all businesses, regardless of industry, size, or location. As the sophistication of cybercrime continues to develop, a properly monitored and maintained network is a company’s first line of defense. Contact us today to learn more about network security and best practices.

Thursday, 21 September 2017