World’s first Power outage using Malware

Die Hard 4.0 seems real enough now that we have the world’s first power outage caused by malware. The culprits are… you guessed it, the blackhats.

Hackers have used a highly elegant and destructive piece of malware to successfully infect at least three regional Ukrainian power authorities. So their pre-Christmas 23rd December was pretty much… lights out.

The region affected was Ivano-Frankivsk.

The energy ministry claimed that Prykarpattyaoblenergo, a local energy provider, was under attack by cyber crooks. As I said, Christmas kinda went a dud!

The malware responsible disconnected the electrical substation. Now, this is frighteningly believable, as no power grids were touched but the computers controlling them were.

World’s First power-outage-inducing malware

The malware that brought down the power is dubbed BlackEnergy.

The BlackEnergy trojan was first discovered in 2007. Back then, it was a relatively simple tool for conducting DDoS (Distributed Denial of Service) attacks. It got an update about two years ago with a butt-load of new features, features that were not limited to making a computer unbootable.

“Russian Security Service” was the launcher of this malware. Its targets were industrial control systems and sensitive politicians.

The antivirus provider ESET said that the virus was recently updated to include utilities such as:

  • KillDisk: As the name suggests, it kills the disk or, to be more sophisticated, “screws with the crucial parts of an industrial system”.
  • Backdoored Secure Shell: Infects the computer and gives the “other guy”, the hacker, permanent access to it.

The how?

Researchers revealed that the hackers’ backdoor came from macros embedded in booby-trapped Microsoft Office documents. Malicious macros caused Ukraine’s power pop; the initial point of infection is believed to be just that.
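Since the way in was a macro-carrying Office attachment, here is a triage check a mail gateway or analyst could run on attachments before they reach a user. It is an added example, not part of the original post or of any vendor's tooling; the function names are hypothetical, the checks are heuristics, and the sample files are constructed in memory.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")     # legacy .doc/.xls/.ppt container
VBA_DIR_NAME = "_VBA_PROJECT".encode("utf-16-le")  # OLE2 directory names are UTF-16LE

def macro_indicators(data: bytes) -> list:
    """Return the reasons an Office attachment should be held for macro review."""
    reasons = []
    if data.startswith(OLE2_MAGIC):
        # Heuristic: a VBA project stores a "_VBA_PROJECT" stream in the container.
        if VBA_DIR_NAME in data:
            reasons.append("OLE2 file with a _VBA_PROJECT stream")
        return reasons
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return reasons  # not an Office container this check understands
    with zipfile.ZipFile(buf) as zf:
        names = zf.namelist()
        for name in names:
            # Macro-enabled OOXML files carry the VBA project as a binary part.
            if name.lower().endswith("vbaproject.bin"):
                reasons.append("OOXML part " + name)
        if "[Content_Types].xml" in names:
            if b"macroenabled" in zf.read("[Content_Types].xml").lower():
                reasons.append("macroEnabled content type declared")
    return reasons

def make_ooxml(parts: dict) -> bytes:
    """Build a constructed OOXML-style ZIP in memory (sample input only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()

# Constructed samples: placeholder bytes, not real documents from the incident.
MACRO_TYPE = "application/vnd.ms-word.document.macroEnabled.main+xml"
CLEAN_DOCX = make_ooxml({"[Content_Types].xml": "<Types/>",
                         "word/document.xml": "<w:document/>"})
MACRO_DOCM = make_ooxml({"[Content_Types].xml": '<Override ContentType="%s"/>' % MACRO_TYPE,
                         "word/document.xml": "<w:document/>",
                         "word/vbaProject.bin": b"\x00" * 16})
LEGACY_XLS = OLE2_MAGIC + b"\x00" * 504 + VBA_DIR_NAME

if __name__ == "__main__":
    for label, blob in [("clean.docx", CLEAN_DOCX), ("macro.docm", MACRO_DOCM),
                        ("legacy.xls", LEGACY_XLS)]:
        print(label, macro_indicators(blob) or "no macro indicators")
```

A hit only means the file can carry macros, so treat it as a reason to quarantine and inspect, not as a verdict.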

My two cents

This is definitely disturbing news. A simple SE (Social Engineering) trick, however inelegant, can also be used to disrupt the power. What’s sad is that there might be no John McClane to save us this time.
