ESET researchers believe they have uncovered the biggest threat to industrial control systems since Stuxnet.
Industroyer is sophisticated and dangerous malware designed to disrupt critical industrial processes.
ESET researchers analysed samples of the malware, detected by ESET as Win32/Industroyer, capable of performing an attack on power supply infrastructure.
The malware was most probably involved in the December 2016 attack on Ukraine’s power grid that deprived part of its capital, Kiev, of power for an hour.
“The recent attack on the Ukrainian power grid should serve as a wake-up call for all those responsible for the security of critical systems around the world,” warns Carey van Vlaanderen, CEO of ESET South Africa.
ESET researchers discovered Industroyer is capable of directly controlling electricity substation switches and circuit breakers. It uses industrial communication protocols used worldwide in power supply infrastructure, transportation control systems, and other critical infrastructure.
The potential impact may range from simply turning off power distribution, trigering a cascate of failures, to more serious damage to equipment.
“Industroyer’s ability to persist in the system and to directly interfere with the operation of industrial hardware makes it the most dangerous malware threat to industrial control systems since the infamous Stuxnet, which successfully attacked the Iran’s nuclear program and was discovered in 2010,” Van Vlaanderen says.
