It appears that elections aren’t the only things Russia can hack across international borders. According to reports, the country’s cyber-warfare capabilities may be able to bring down entire electrical grids—an action that could effectively bring cities to a standstill.
“Hackers allied with the Russian government,” the Washington Post reports, “have devised a cyberweapon that has the potential to be the most disruptive yet against electric systems that Americans depend on for daily life.” Citing U.S. digital researchers, the Post says the malware—dubbed CrashOverride—took down one-fifth of the power grid in the Ukrainian capital of Kiev in December 2015.
- Be among the first to read The Energy Mix Weekender
- A brand new weekly digest containing exclusive and essential climate stories from around the world.
- The Weekender:The climate news you need.
“With modifications,” the malware “could be deployed against U.S. electric transmission and distribution systems, to devastating effect,” the outlet warned, citing Sergio Caltagirone, whose cybersecurity firm Dragos issued a report about the threat on Monday.
After alarm spread over what appeared to be a similar threat last December, the same firm was forced to walk back its report (by different journalists) that malware had penetrated a utility in Vermont; it turned out to have been detected on a single, isolated laptop.
Nonetheless, said Michael J. Assante, formerly security chief for the North American Electric Reliability Corporation, “attacker tools like this one pose a very real risk to reliable operation of power systems.
Dragos code-named the authors of the new malware Electrum. According to the Post, the company “has determined with high confidence that Electrum used the same computer systems as the hackers who attacked the Ukraine electric grid in 2015.”
Other researchers have dubbed what is believed to be the same shadowy group Sandworm. “We believe that Sandworm is tied in some way to the Russian government—whether they’re contractors or actual government officials, we’re not sure,” said John Hultquist, another cybersecurity analyst. “We believe they are linked to the security services.”
Meanwhile, U.S. Energy Secretary Rick Perry has spent his time creating a task force to study the threat to grid security he believes is posed by renewable energy.
