4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: Homeland Security Finds U.S. Power Grid Vulnerable to CrashOverride Malware

On June 12th, the U.S. Department of Homeland Security issued a warning to power grid operators and electric utilities concerning a newly surfaced malware called CrashOverride (aka Industroyer). Only, it’s not entirely new. The world has seen this before and the fallout from it is concerning.

The warning comes from the Computer Emergency Readiness Team’s (CERT’s) National Cybersecurity and Communications Integration Center (NCCIC). It cites public reports from ESET and Dragos describing “a new highly capable Industrial Controls Systems (ICS) attack platform that was reportedly used in 2016 against critical infrastructure in Ukraine.”

You may recall a similar incident hitting the news not too long ago, when workers at a Ukrainian power distribution center watched helplessly as hackers took control of their computers and used them to shut down heat and power for over 230,000 citizens. Though the power wasn’t out for very long (somewhere between one and six hours, depending on location), the control centers were still suffering from the attacks several months later. In addition to turning off the power, the hackers also overwrote crucial firmware, which left 16 substations unresponsive to remote commands. This is the first confirmed instance of hackers successfully taking down a power grid, and the attackers are thought to have been very meticulous and sophisticated in its execution.

Last year, the FBI began a campaign to raise awareness of the potential issue by briefing electrical power companies on the risk, although at the time the possibility of such an attack hitting the United States was deemed improbable. Thankfully, there is currently no evidence to suggest that this malware has affected critical infrastructure in the U.S., but the recent CERT warning suggests that such an attack has grown more probable. The risk stems from the fact that CrashOverride could be modified to target vulnerabilities in U.S. critical information networks and systems using the malware’s existing tactics, techniques, and procedures (TTPs).

To give you an idea of how dangerous the malware is, the Dragos report links it to the group responsible for Sandworm, a wicked zero-day vulnerability that executed code within affected systems by opening a backdoor for later access. That threat relied on phishing attacks and had the ability to spread between networks with the goal of disrupting systems and stealing sensitive information.

In the CERT warning, the recommended way to handle CrashOverride is for utility companies to take a proactive stance on cybersecurity. This includes implementing techniques for preventing and identifying malware. In truth, this is the same approach to cybersecurity that we recommend for all businesses, regardless of industry, size or location. As the sophistication of cybercrime continues to develop, properly monitored and maintained networks are a company's first line of defense. Contact us today to learn more about network security and best practices.
