Russian malware 'likely' to blame for Ukrainian power grid attack

Eset researchers call the malware a "wake-up call" for other electrical systems around the world.

(Image: file photo)

Russian-aligned hackers have built a cyberweapon that can directly control electricity substation switches and circuit breakers -- potentially bringing swathes of a country's population offline and causing massive disruption.

The malware, dubbed "Industroyer," targets critical power supplies by attacking industrial communications devices used on a power network.

special feature

Cybersecurity in an IoT and Mobile World

The technology world has spent so much of the past two decades focused on innovation that security has often been an afterthought. Learn how and why it is finally changing.

The malware works in four modular parts, said researchers at security firm Eset in a Monday blog post. At its core is a backdoor that allows other components to install, which are remotely controlled by a command server hosted on the Tor anonymity network, making it almost impossible to trace. Hackers can use the malware to carry out a series of "cascading failures," resulting in forcing offline power supplies and causing damage to equipment.

That's largely what happened in 2015, when hackers -- said to be associated with Russia -- attacked a critical power supply in Ukraine, during a time when relations between the two states were fractious after Russia annexed the Crimean peninsula in 2014.

Researchers are now saying that the Industroyer malware was "likely" behind that cyberattack in Ukraine, which left more than 225,000 customers in the dark two days before Christmas.

But the security researchers have warned that the attack may have been a "large-scale test," and could be easily "refitted to target other types of critical infrastructure."

Read also: How to check your Linux servers for rootkits and malware (TechRepublic)

"The recent attack on the Ukrainian power grid should serve as a wake-up call for all those responsible for the security of critical systems around the world," said Anton Cherepanov, a senior malware researcher at Eset.

In areas of high population, researchers say there could be significant harm to vital services, like hospitals and transport.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All