4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: Homeland Security Finds U.S. Power Grid Vulnerable to CrashOverride Malware

On June 12th, the U.S. Department of Homeland Security issued a warning to power grid operators and electric utilities concerning a newly surfaced malware called CrashOverride (aka Industroyer). Only, it’s not entirely new. The world has seen this before and the fallout from it is concerning.

The warning comes from the Computer Emergency Readiness Team’s (CERT’s) National Cybersecurity and Communications Integration Center (NCCIC). It cites public reports from ESET and Dragos that describe “a new highly capable Industrial Controls Systems (ICS) attack platform that was reportedly used in 2016 against critical infrastructure in Ukraine.”

You may recall a similar incident hitting the news not too long ago, when workers at a Ukrainian power distribution center watched helplessly as hackers took control of their computers and used them to shut down heat and power for over 230,000 citizens. Though the power wasn’t out for very long (somewhere between one and six hours, depending on location), the control centers were still suffering from the attack several months later. In addition to turning off the power, the hackers overwrote crucial firmware, which left 16 substations unresponsive to remote commands. This is the first confirmed instance of hackers successfully taking down a power grid, and the attackers are thought to have been very meticulous and sophisticated in carrying it out.

Last year, the FBI began a campaign to raise awareness of the potential issue by briefing electrical power companies on the risk, although at the time the possibility of such an attack hitting the United States was deemed improbable. Thankfully, there is currently no evidence to suggest that this malware has affected critical infrastructure in the U.S., but the recent CERT warning suggests that such an attack has grown more probable. The risk stems from the potential for CrashOverride to be modified to target vulnerabilities in U.S. critical information networks and systems using the malware’s existing tactics, techniques, and procedures (TTPs).

To give you an idea of how dangerous the malware is, the Dragos report links the malware to the group responsible for Sandworm, a wicked zero-day vulnerability that executed code within affected systems by opening a backdoor for later access. This threat utilizes phishing attacks and has the ability to spread between networks with the goal of disrupting systems and stealing sensitive information.

In the CERT warning, the recommended way to handle CrashOverride is for utility companies to take a proactive stance on cybersecurity, including implementing techniques for preventing and identifying malware. In truth, this is the same approach to cybersecurity that we recommend for all businesses, regardless of industry, size or location. As the sophistication of cybercrime continues to develop, properly monitored and maintained networks are a company's first line of defense. Contact us today to learn more about network security and best practices.



Thursday, 23 November 2017