CRASHOVERRIDE malware alert
January 10, 2018
Security experts and market commentators alike are voicing their concerns after examination of a power outage in Ukraine’s capital, Kiev, in December 2016 identified a malware framework known as CRASHOVERRIDE or INDUSTROYER. The malware targeted Kiev’s electrical infrastructure via its Industrial Control Systems (ICS) in an unprecedented and sophisticated cyber-attack. The event has serious implications globally, and is proving to be a hacker’s paradise for more than power grids in the near future. Read the practical steps organizations can take to better protect themselves from future malware attacks like CRASHOVERRIDE/INDUSTROYER.
Alongside the use of digital technologies for enhanced automation greatly increasing hackers’ potential attack surface, aging critical infrastructure support has not always been architected with cybersecurity top of mind. CRASHOVERRIDE/INDUSTROYER targeted circuit breakers and switches hijacking electrical systems from a distance by taking advantage of standard device-level communication protocols, making it almost completely undetectable in the power infrastructure.
CRASHOVERRIDE/INDUSTROYER could be a blueprint for a more widespread and longer-lasting attack. The potential to disrupt energy, water supplies and other critical industries using ICS for automation, in an economic context, could be highly damaging to a company, municipality or nation for a long period of time.
Download the report and take practical steps today to protect your organization from future malware attacks like CRASHOVERRIDE/INDUSTROYER.
Accenture Security is a leading provider of end-to-end cybersecurity services, including advanced cyber defense, applied cybersecurity solutions and managed security operations. We bring security innovation, coupled with global scale and a worldwide delivery capability through our network of Advanced Technology and Intelligent Operations centers. Helped by our team of highly skilled professionals, we enable clients to innovate safely, build cyber resilience and grow with confidence. Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security.
Accenture, the Accenture logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of Accenture and its subsidiaries in the United States and in foreign countries. All trademarks are properties of their respective owners. All materials are intended for the original recipient only. The reproduction and distribution of this material is forbidden without express written permission from Accenture. The opinions, statements, and assessments in this report are solely those of the individual author(s) and do not constitute legal advice, nor do they necessarily reflect the views of Accenture, its subsidiaries, or affiliates. Given the inherent nature of threat intelligence, the content contained in this report is based on information gathered and understood at the time of its creation. It is subject to change. Accenture provides the information on an “as-is” basis without representation or warranty and accepts no liability for any action or failure to act taken in response to the information contained or referenced in this report.
Copyright © 2020 Accenture. All rights reserved. Accenture, its logo, and High Performance Delivered are trademarks