[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help] 

Status: Not Logged In; Sign In

MAHA MEME

noone2222 and John Bolton sitting in a tree K I S S I N G

Donald Trump To Help Construct The Third Temple?

"The Elites Want To ROB Us of Our SOVEREIGNTY!" | Robert F Kennedy

Take Your Money OUT of THESE Banks NOW! - Jim Rickards

Trump Taps Tulsi Gabbard As Director Of National Intelligence

DC In Full Blown Panic After Trump Picks Matt Gaetz For Attorney General

Cleveland Clinic Warns Wave of Mass Deaths Will Wipe Out Covid-Vaxxed Within ‘5 Years’

Judah-ism is as Judah-ism does

Danger ahead: November 2024, Boston Dynamics introduces a fully autonomous "Atlas" robot. Robot humanoids are here.

Trump names [Fox News host] Pete Hegseth as his Defense secretary

Lefties losing it: Trump’s YMCA dance goes viral

Elon Musk: "15 Products You'll Stop Buying After You Know What They're Made Of"

Walmart And Other Major Retailers Canceling Billions In Orders Amid Fears Of A Dark Winter Ahead

Joe and Jill Biden deliver final 'kick' against Kamala Harris on election day

Relative importance of carbon dioxide and water in the greenhouse effect: Does the tail wag the dog?

Fired FEMA Employee Speaks Out, Says It Was Not Isolated Incident: Colossal Event Of Avoidance

Judge Merchan Hands Trump Historic Victory Donald Receives Stay on Felony Conviction

PNut the Squirrel was marked for death and decapitation from the start as rabies test results are negative

Yemeni forces strike military base in Tel Aviv with hypersonic ballistic missile

SheÂ’s lying. The FEC shows the payment

Speaker Johnson Orders Entire Biden Administration to Preserve and Retain All Records and Documents

Boeing has given up on diversity.

Trump Targeting up to 100,000 Deep Staters for Absolute Exile From DC

FBI Execs Rush to Retire After Trump Victory Leaves Them Shell-Shocked.

Witness to Tragedy: Huge Financial Incentives Led Hospitals to Use COVID Treatments That Killed Patients

‘Knucklehead’: Tim Walz returns to Minnesota ‘defeated'

Study Confirms the Awesome Destructive Power of Sugar in Utero Originally published via Armageddon Prose:

Ukraine mobilizing mentally challenged and deaf people lawmaker

COL. Douglas Macgregor : Trump and Netanyahu At Crossroads


Science/Tech
See other Science/Tech Articles

Title: Russia Has Developed a Cyber Weapon That Can Disrupt Power Grids, New Research Finds
Source: [None]
URL Source: [None]
Published: Jun 15, 2017
Author: ELLEN NAKASHIMA, THE WASHINGTON POST
Post Date: 2017-06-15 04:22:20 by Tatarewicz
Keywords: None
Views: 103
Comments: 2

ScienceAlert... Very real and very dangerous.

Hackers allied with the Russian government have devised a cyber weapon that has the potential to be the most disruptive yet against electric systems that Americans depend on for daily life, according to US researchers.

The malware, which researchers have dubbed CrashOverride, is known to have disrupted only one energy system - in Ukraine in December. In that incident, the hackers briefly shut down one-fifth of the electric power generated in Kiev.

But with modifications, it could be deployed against US electric transmission and distribution systems to devastating effect, said Sergio Caltagirone, director of threat intelligence for Dragos, a cybersecurity firm that studied the malware and issued a report on Monday.

And Russian government hackers have already shown their interest in targeting US energy and other utility systems, researchers said.

"It's the culmination of over a decade of theory and attack scenarios," Caltagirone warned. "It's a game changer."

The revelation comes as the US government is investigating a wide-ranging, ambitious effort by the Russian government last year to disrupt the US presidential election and influence its outcome.

That campaign employed a variety of methods, including hacking hundreds of political and other organisations, and leveraging social media, US officials said.

Dragos has named the group that created the new malware Electrum, and has determined with high confidence that it used the same computer systems as the hackers who attacked the Ukraine electric grid in 2015.

That attack, which left 225,000 customers without power, was carried out by Russian government hackers, other US researchers concluded.

US government officials have not officially attributed that attack to the Russian government, but some privately say they concur with the private sector analysis.

"The same Russian group that targeted US [industrial control] systems in 2014 turned out the lights in Ukraine in 2015," said John Hultquist, who analysed both sets of incidents while at iSight Partners, a cyber intelligence firm now owned by FireEye, where he is director of intelligence analysis.

Hultquist's team had dubbed the group Sandworm.

"We believe that Sandworm is tied in some way to the Russian government - whether they're contractors or actual government officials, we're not sure," he said. "We believe they are linked to the security services."

Sandworm and Electrum may be the same group or two separate groups working within the same organisation, but the forensic evidence shows they are related, said Robert M. Lee, chief executive of Dragos.

The Department of Homeland Security, which works with the owners of the nation's critical infrastructure systems, did not respond to a request for comment Sunday.

Energy-sector experts said that the new malware is cause for concern, but that the industry is seeking to develop ways to disrupt attackers who breach their systems.

"US utilities have been enhancing their cybersecurity, but attacker tools like this one pose a very real risk to reliable operation of power systems," said Michael Assante, who worked at Idaho National Labs and is former chief security officer of the North American Electric Reliability Corporation, where he oversaw the rollout of industry cybersecurity standards.

CrashOverride is only the second instance of malware specifically tailored to disrupt or destroy industrial control systems. Stuxnet, the worm created by the United States and Israel to disrupt Iran's nuclear enrichment capability, was an advanced military-grade weapon designed to affect centrifuges that enrich uranium.

In 2015, the Russians used malware to gain access to the power supply network in western Ukraine, but it was hackers at the keyboards who remotely manipulated the control systems to cause the blackout - not the malware itself, Hultquist said.

With CrashOverride, "what is particularly alarming . . . is that it is all part of a larger framework," said Dan Gunter, a senior threat hunter for Dragos.

The malware is like a Swiss Army knife, where you flip open the tool you need, and where different tools can be added to achieve different effects, Gunter said.

Theoretically, the malware can be modified to attack different types of industrial control systems, such as water and gas. However, the adversary has not demonstrated that level of sophistication, Lee said.

Still, the attackers probably had experts and resources available not only to develop the framework but also to test it, Gunter said. "This speaks to a larger effort often associated with nation-state or highly funded team operations."

One of the most insidious tools in CrashOverride manipulates the settings on electric power control systems. It scans for critical components that operate circuit breakers and opens the circuit breakers, which stops the flow of electricity. It continues to keep them open even if a grid operator tries to close them, creating a sustained power outage.

The malware also has a "wiper" component that erases the software on the computer system that controls the circuit breakers, forcing the grid operator to revert to manual operations, which means driving to the substation to restore power.

With this malware, the attacker can target multiple locations with a "time bomb" functionality and set the malware to trigger simultaneously, Lee said. That could create outages in different areas at the same time.

The outages would last a few hours and probably not more than a couple of days, Lee said. That is because the US electric industry has trained its operators to handle disruptions caused by large storms. "They're used to having to restore power with manual operations," he said.

So although the malware is "a significant leap forward in tradecraft, it's also not a doomsday scenario," he said.

The malware samples were first obtained by ESET, a Slovakian research firm, which shared some of them with Dragos. ESET has dubbed the malware Industroyer.

2017 © The Washington Post


Poster Comment:

Which means US and other Israeli toadies in West better stop giving Russia the gears.

Post Comment   Private Reply   Ignore Thread  


TopPage UpFull ThreadPage DownBottom/Latest

#1. To: Tatarewicz (#0)

Reads to me like a "Russians are evil" demonization write-up, especially when the article quickly goes on to mention how the Russians hacked the election.

And any malware like that would be possible only if the US power grid had vulnerabilities built into it which can and should be patched as they are discovered -- unless the CIA decides to keep them a secret so it can use them as weapons against other countries.

I say the article is hogwash.

Pinguinite  posted on  2017-06-15   13:23:11 ET  Reply   Trace   Private Reply  


#2. To: Pinguinite (#1)

Well I would hope that if Russia is provoked by DC - Tel Aviv crazies that Putin would throw switches rather than nukes in return (except possibly one at Washington when Congress is in session).

Tatarewicz  posted on  2017-06-16   1:08:48 ET  Reply   Trace   Private Reply  


TopPage UpFull ThreadPage DownBottom/Latest


[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help]