Two cyber security companies have come forward with new information regarding the cause of the December 2016 cyber attack that cut power in Ukraine and temporarily left thousands of people without access to electricity. According to the two firms, ESET and Dragos Inc., a sophisticated piece of malware known as Crash Override or Industroyer was likely responsible for the Ukraine blackout and could potentially be used again to take down vulnerable power grids around the world.
According to Dragos founder Robert M. Lee, the Industroyer malware has the ability to cause blackouts for up to a few days at a time in specific regions of a country, but it isn’t strong enough to bring down the entire grid at once. In a recent interview, Lee advised government authorities and power companies on how they can defend themselves against the threat that Industroyer poses. Even though the malicious software is capable of attacking power operators all across Europe, Lee said that it could be used against the United States “with small modifications.”