Cyber firms warn of malware that could cause power outages

The Internet is no longer the safe place it was many years ago. Malware, or malicious software, is on the rise and can be found in all corners of the Internet. By simply navigating to a website or opening an email, you are at risk of infecting your computer.

Malware takes the form of code, scripts, content and even legitimate software to obtain access to your computer and the personal information it houses.

Malware is the umbrella term used to describe many different types of malevolent software. Computer viruses, computer worms, Trojan horses, rootkits, spyware and adware are all different varieties of malware, each of which interacts with your computer in a different fashion.

Regardless of what form they take, each piece of malware exploits weaknesses in your computer software to gain access for a variety of purposes. With this weaknesses, hackers have developed powerful malware that can shut down electricity distribution systems and possibly other critical infrastructure according to Slovakia-based ESET cyber security firms report, linking it to Russia.

The report mentions the malware as the most powerful threat to appear since Stuxnet, the hacking tool used to sabotage Iran’s nuclear program believed developed by US and Israeli intelligence.

ESET said the malware, which it dubbed “Industroyer”, may be behind the one-hour shutdown of power to the Ukraine capital Kiev last December. Industroyer works using the communication protocols designed decades ago and built into energy, transportation, water and gas systems around the world.

Making use of these poorly-secured protocols, it can take direct control of electricity substation switches and circuit breakers, giving hackers the ability to shut down power distribution and damage equipment, hence becoming the latest biggest threat to industrial control systems since Stuxnet.

But in a separate report on the same malware, a second cyber security company, Dragos, tied it to a Russian hacker group called Sandworm which has been linked to the Russian government. Dragos gave its own name to the malware, “CrashOverride,” and said it is only the second-ever malware deployed for disrupting physical industrial processes, after Stuxnet.

“CrashOverride is not unique to any particular vendor or configuration, and instead leverages knowledge of grid operations and network communications to cause impact,” Dragos said. “In that way, it can be immediately re-purposed in Europe and portions of the Middle East and Asia.”

In addition, it said, the malware could be adapted “with a small amount of tailoring” to render it potent against any power grid targeted for. Also can be applied to work at several electricity substations at the same time, giving it the power to create a widespread power shutdown that could last for hours and potentially days.

The goal of malware

Pranksters and malicious hackers alike write tens of thousands of new malicious applications daily, for a variety of reasons. Pranksters simply want to see the havoc their programs can wreak, or want to get a special message out. Hackers do it to further their reputations, disrupt operations or gather private information.

On the personal-computer level, malware can steal information valuable to identity thieves, such as Social Security numbers, credit card information, email addresses and passwords.

Many hackers design malicious software with the goal of making money. Certain malware applications disguise themselves as legitimate applications, or even fake antivirus applications, in order to gain access to your computer. The fake antivirus software generates pop-up windows telling you your computer is infected, and that only by buying its bogus products will you be clean.

Keystroke logging is when a piece of malware tracks every keystroke you make on your computer’s keyboard. Based on the keystrokes, hackers are able to pick out login IDs and passwords to bank accounts and whatever other websites you may be visiting.

A botnet is a network of computers working together over the Internet. Many piece of malware infect computers and draft them into botnets to be used as part of a spam campaign to send spam emails throughout the world or a distributed denial-of-service attack, which repeatedly loads a website with bogus requests with the intention of making it unreachable.

Protecting against malware

Firewall software and antivirus software are two defenses against malware. Windows offers its own built-in firewall and antivirus protection, though one of the mistakes computer users make is to turn off the built-in firewall and antivirus software provided with Windows.

Unless you are using other antivirus software with a firewall function, these features should never be turned off. Instead of using Windows’ firewall and antivirus protections, many users purchase third-party software for increased levels of protection. These applications index the countless malware applications that exist and act as a barricade against infiltration.


Related posts

Leave a Comment