Cure Solutions Blog

Cure Solutions has been serving the Burlington area since 1997, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: Homeland Security Finds U.S. Power Grid Vulnerable to CrashOverride Malware

Alert: Homeland Security Finds U.S. Power Grid Vulnerable to CrashOverride Malware

The warning comes from the Computer Emergency Readiness Team’s (CERT’s) National Cybersecurity and Communications Integration Center (NCCIC). In it, public reports from ESET and Dragos reported “a new highly capable Industrial Controls Systems (ICS) attack platform that was reportedly used in 2016 against critical infrastructure in Ukraine.”

You may recall a similar incident hitting the news not too long ago when workers at a Ukrainian power distribution center watched helplessly as hackers took control of their computers, and used them to shut down heat and power for over 230,000 citizens. Though the power wasn’t out for very long (somewhere between one-to-six hours, depending on location), the control centers are still suffering from the attacks several months later. In addition to turning off the power, hackers also overwrote crucial firmware, which left 16 substations unresponsive to remote commands. This is the first confirmed instance of hackers successfully taking down a power grid, and it’s thought that these hackers were very meticulous and sophisticated in the execution of this attack.

Last year, the FBI began a campaign to raise awareness of the potential issue by briefing electrical power companies of the risk. Although, the possibility of such an attack hitting the United States was deemed improbable. Thankfully, there is currently no evidence to suggest that this malware has affected critical infrastructure in the U.S., but the recent CERT warning suggests that such an attack has grown more probable. This risk is due to CrashOverride having the potential to be modified to target vulnerabilities in U.S. critical information network and systems via the malware’s tactics, techniques, and procedures (TTPs). 

To give you an idea of how dangerous the malware is, the Dragos report links the malware to the group responsible for Sandworm, a wicked zero-day vulnerability that executed code within affected systems by opening a backdoor for later access. This threat utilizes phishing attacks and has the ability to spread between networks with the goal of disrupting systems and stealing sensitive information.

In the CERT warning, the recommended way to handle CrashOverride is for utility companies to take a proactive stance when it comes to cybersecurity. This includes implementing techniques for providing and identifying malware. In truth, this is the same approach to cybersecurity that we recommend for all businesses, regardless of industry, size or location. As the sophistication of cybercrime continues to develop, properly monitored and maintained networks are a company's first line of defense. Contact us today to learn more about network security and best practices.

Here are Your Options for Managing Mobile Devices ...
3 Reasons Why BDR is the Best Way to Backup Your C...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 14 July 2020
If you'd like to register, please fill in the username, password and name fields.

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Handy IT Acronyms to Understand
06 July 2020
Information technology is the future if you want to start your own business but they are doing very ...
Even Amazon Can Be Hacked
01 July 2020
Amazon can be hacked and clipped for the visitors for the posts. The element of the signs of the htt...
How IT is Driving Innovative Developments
30 June 2020
And with changing technology's shifting sands, an approach that gives engineers control in seeking t...
Is your private wireless network located on the WiGLE Database for all to see?
24 June 2020
You shared very important information about our private wireless network. It is nice to have such in...
Tip of the Week: 5 Ways to Maximize Productivity, According to Experts
20 May 2020
What a great blog post you shared about these 5 Ways to Maximize Productivity are very helpful if we...

Latest Blog Entry

The COVID-19 pandemic has resulted in a great number of people working from home. While this is good for the public health, it may unfortunately lead your employees toward a laxer view of cybersecurit...

Latest News

Contact Us

Learn more about what Cure Solutions can do for your business.

Call Us Today

Call us today319-753-CURE (2873)

610 N Main Street
Burlington, Iowa 52601