Wednesday, June 14, 2017, 11:38 AM
The Daily Beast has a story on “CrashOverride”, a computer program best described as a transient anti-infrastructure warhead designed to disrupt the power grid. It was tested live against a Ukrainian substation in December 2016, creating a small blackout. Kim Zetter has another good report at Motherboard, and Dragos has the technical details.
Dragos attributes the attack to “ELECTRUM”, a group it assesses as being associated with Sandworm—an evaluation that is only slightly better than rolling attribution dice. It is probably more accurate to phrase the attribution as “probably Russia, and probably affiliated with the previous Ukrainian power grid attack in 2015.” (The December 2016 attack was the second assault on the Ukrainian power grid.)
The payload of CrashOverride is rather elegant in its simplicity; in a way it’s reminiscent of how a toddler might…