Hackers have developed powerful malicious software that can cause the failure of electricity distribution networks, two cyber security companies said on Monday, one of which attributes it to Russian hackers.
The virus was probably involved in a cyber attack in December 2016 on the Ukrainian network that deprived part of the capital Kiev of electricity for more than an hour, according to the two companies.
One of the two companies that identified the virus, the Slovak company ESET, said it was the most powerful threat to industrial control systems since Stuxnet, the virus that targeted Iran’s nuclear facilities and was probably of American and Israeli origin.
Dragos, an American cyber security company that worked on the same virus, linked it to a group of Russian hackers named Sandworm, known to be linked to the Russian government.
The malware, nicknamed “Crashoverride” by Dragos, can be “immediately adapted” to attack networks “in Europe and parts of the Middle East and Asia,” Dragos warned. And it could be adapted quickly to attack North American networks, the company said.
The virus uses the communication protocols that link different facilities in a network, which were designed decades ago and are therefore more vulnerable.
It allows hackers, for example, to take control of substations and shut down parts of the electrical network, destabilizing it and causing massive outages.