Industroyer is more dangerous than Stuxnet
Remember Stuxnet, the worm that wreaked havoc across Iran's nuclear facilities? Security researchers from ESET say that they have discovered an even bigger threat, which is being called Industroyer.
According to the company's report, Industroyer is built to "disrupt critical industrial processes," and was recently used in an attack in Ukraine, causing the city of Kiev to lose power for an hour.
According to ESET, Industroyer uses "industrial communication protocols used worldwide in power supply infrastructure, transportation control systems and other critical infrastructure systems, such as water and gas."
So in theory, Industroyer can be used for much more than disrupting the power supply for a European capital.
ESET says the biggest problem lies in the fact that the protocols in use by industrial systems are outdated. They were created to be used off the grid, and now that they are connected -- they are vulnerable.
"That means that the attackers didn’t need to be looking for protocol vulnerabilities; all they needed was to teach the malware 'to speak' those protocols," the report says.
Industroyer is a modular malware with a backdoor as its main way of infection. It installs and controls other components and connects to a remote server to get commands. It is highly customisable and universal, allowing attackers to target any industrial control system.
The report, however, does not state who is behind the malware.
Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.