4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: Homeland Security Finds U.S. Power Grid Vulnerable to CrashOverride Malware

On June 12th, the U.S. Department of Homeland Security issued a warning to power grid operators and electric utilities concerning a newly surfaced malware called CrashOverride (aka Industroyer). Only, it’s not entirely new. The world has seen this before and the fallout from it is concerning.

The warning comes from the Computer Emergency Readiness Team’s (CERT’s) National Cybersecurity and Communications Integration Center (NCCIC). It cites public reports from ESET and Dragos describing “a new highly capable Industrial Controls Systems (ICS) attack platform that was reportedly used in 2016 against critical infrastructure in Ukraine.”

You may recall a similar incident hitting the news not too long ago, when workers at a Ukrainian power distribution center watched helplessly as hackers took control of their computers and used them to shut down heat and power for over 230,000 citizens. Though the power wasn’t out for very long (somewhere between one and six hours, depending on location), the control centers were still suffering from the attacks several months later. In addition to turning off the power, the hackers also overwrote crucial firmware, which left 16 substations unresponsive to remote commands. This is the first confirmed instance of hackers successfully taking down a power grid, and these hackers are thought to have been very meticulous and sophisticated in executing the attack.

Last year, the FBI began a campaign to raise awareness of the potential issue by briefing electrical power companies on the risk, although the possibility of such an attack hitting the United States was deemed improbable. Thankfully, there is currently no evidence to suggest that this malware has affected critical infrastructure in the U.S., but the recent CERT warning suggests that such an attack has grown more probable. The risk comes from CrashOverride’s potential to be modified to target vulnerabilities in U.S. critical information networks and systems using the malware’s tactics, techniques, and procedures (TTPs).

To give you an idea of how dangerous the malware is, the Dragos report links it to the group responsible for Sandworm, a wicked zero-day vulnerability that executed code on affected systems by opening a backdoor for later access. That threat relied on phishing attacks and had the ability to spread between networks, with the goal of disrupting systems and stealing sensitive information.

In the CERT warning, the recommended way to handle CrashOverride is for utility companies to take a proactive stance on cybersecurity, including implementing techniques for preventing and identifying malware. In truth, this is the same approach to cybersecurity that we recommend for all businesses, regardless of industry, size or location. As the sophistication of cybercrime continues to develop, properly monitored and maintained networks are a company's first line of defense. Contact us today to learn more about network security and best practices.

Wednesday, 26 July 2017