The danger of cyber weapons that can disconnect another country's power grid

According to US researchers, this dangerous cyber weapon has the potential to disrupt the electrical systems that Americans use every day.

The malware, which the researchers named CrashOverride, is said to have disrupted an energy system in Ukraine. In that incident, hackers briefly cut off a fifth of the electricity generated in Kiev.

With some modifications, this weapon could be used against power transmission and distribution systems in the United States and cause serious losses, said Sergio Caltagirone, director at network security company Dragos, which studied this malware and produced a report.

Russian government hackers have expressed interest in targeting US energy and other utility systems, the researchers said.

Caltagirone warned: "This is the result of more than a decade of constructing theory and attack scenarios. The game has begun to change."

The US government discovered this while investigating the Russian government's ambitious effort last year to disrupt the US presidential election and affect its results.

The campaign used a variety of methods, including hacking hundreds of political and other organizations and leveraging social media, US officials said.

Russia has just developed a new weapon. (Photo: momente)

Dragos named the group that created the new malware Electrum, and assessed with high confidence that it uses computer systems like those used by the hackers who attacked Ukraine's grid in 2015.

The 2015 attack left 225,000 customers without electricity. US government officials have not officially attributed the attack to the Russian government, but some have expressed agreement with the private sector's analysis.

John Hultquist, who analyzed both of these incidents while at iSight Partners, an online intelligence company owned by FireEye, where he is director of intelligence analysis, said: "It was the Russian group that attacked the public system of the US in 2014 and cut power in Ukraine in 2015. We believe that Sandworm (hacker group) is bound to the Russian government, whether it is a contractor or a real government official. They are really involved in security services."

According to Robert M. Lee, CEO of Dragos, Sandworm and Electrum may be the same group or two separate groups operating within the same organization, but the forensic evidence shows that they are related.

Experts in the energy sector say that the new malware is a concern, but that the industry is looking for ways to thwart attackers who breach its systems.

Michael Assante, formerly at the Idaho National Laboratory and former security supervisor of North America Electric Reliability, said: "US vehicles for enhancing network security have been deployed, but the companies Such an attack tool creates a real risk for electrical system operation."

CrashOverride is only the second case of malware designed specifically to interrupt or destroy industrial control systems. Stuxnet, a worm created by the United States and Israel to disrupt Iran's nuclear enrichment capabilities, is an advanced military weapon designed to affect uranium enrichment centrifuges.

In 2015, Russia used malware to gain access to the electricity supply network in western Ukraine, but the power outages were caused by hackers operating remotely at keyboards, not by the malware, Hultquist said.

With CrashOverride, "what is alarming is that it is part of a bigger danger plan," said Dan Gunter, a Dragos threat researcher.

Gunter says the malware is like a Swiss Army knife: you open the tool you need, and other tools can be added for different purposes.

Theoretically, the malware could be modified to attack different types of industrial control systems, such as water and gas. However, the adversary has not shown that it is able to do such complicated things, Lee said.

However, the attackers may be experts, and with the resources available to them they are not only using this weapon to attack but also testing its operability.