New Russian malware could bring down the US power grid

(AP Photo/Gerry Broome)

As if you didn’t have enough to worry about. Who will bring down America’s power grid first? Joe Biden or Vladimir Putin? Biden has a head start, to be sure. But some Russian hackers have reportedly cooked up some new malware designed specifically to target electrical grids and cause disruptions. The new threat was discovered by Mandiant, a cyber threat intelligence specialist firm. They believe that this new malware system “poses a plausible threat” to the operational technology behind various electrical grid assets. (Security Week)

Advertisement

Mandiant on Thursday detailed a new piece of malware that appears to be linked to Russia and is designed to target industrial control systems (ICS), specifically in an effort to cause electric grid disruption.

Named CosmicEnergy, the latest malware family targeting operational technology (OT) is designed to interact with IEC 60870-5-104 (IEC-104) devices, sending remote commands to tamper with the actuation of power line switches and circuit breakers in an effort to cause power disruption. Mandiant believes it “poses a plausible threat to affected electric grid assets”.

At least for the time being, the United States might not have quite as much to worry about from this threat as other parts of the world. According to the geeks at Mandiant, the new “CosmicEnergy” malware is highly customized and the configuration they discovered is designed to attack remote elements of power grids like the ones used in Europe, the Middle East and other parts of Asia.

But if the malware can be configured to attack theirs, it can almost certainly be adapted to work on elements of the American grid. You can read the linked report for all of the technical jargon, but the gist of it seems to be that hackers would need to collect the IP addresses and credentials of the grid’s technology systems. CosmicEnergy would then be able to upload files into the utility’s systems and issue commands, including the ability to simply take the system offline.

Advertisement

This is yet another example of why we need to be working on a massive project to modernize, insulate, and generally “smarten” the American power grid. We are falling behind some very bad actors in the technology race. It’s bad enough that we have maniacs shooting up our electrical substations on a regular basis. But if we’re going to be attacked by some geeks in Siberia over the internet and potentially watch the entire country’s electrical infrastructure go dark, we need to get moving.

The technology war between mainstream systems and hackers has been going on for quite a while now. As early as 2012, hackers successfully hacked into the display systems at multiple nuclear power plants, nearly causing operators to make catastrophic errors. South Korea’s nuclear facilities suffered similar attacks in 2014. This is a constant back-and-forth battle that continues to this day. Just when you think you have all of the holes in your system plugged, some Blackhat coding guru finds a way to drill new ones. And now, if they can’t figure out a way to take down the systems that generate the power, they’ll look to interrupt the delivery system.

It would be nice if some of those trillions of dollars that the Democrats flushed into Joe Biden’s supposed “infrastructure” bill had gone to actual infrastructure and not climate change initiatives. And the power grid is every bit as critical to our national security as our roads and bridges. Probably more so, in fact. Then again, if the administration is going to keep crippling our domestic energy production, there might not be enough electricity to keep the grid up anyway, so perhaps it doesn’t matter.

Advertisement

Join the conversation as a VIP Member

Trending on HotAir Videos

Advertisement
Advertisement
Ed Morrissey 12:40 PM | November 21, 2024
Advertisement
David Strom 11:20 AM | November 21, 2024
Advertisement