GlobalSign Blog

20 Jun 2017

Super Malware “Industroyer” Threatens Power Grid

Entering the summer months, all we thought we had to worry about was sunburn and tick bites. Now, according to a recent story in USA Today, newly dubbed malware called “Industroyer” is apparently a superbug ready to take down any power grid it can get into. Lyme disease and skin cancer aside, this is something of grave importance to take note of.

According to a paper posted by ESET, the “Industroyer” code is the biggest security threat to industrial control systems since Stuxnet, the virus that stunned the cooling control systems at the Natanz uranium enrichment plant in Iran in 2010.

The new malware was highlighted by a security company studying a recent intrusion on the Ukrainian power grid. Its samples were discovered and named Win32/Industroyer, and the company deemed the malware capable of performing the same kind of attack.

According to the USA Today article,

U.S. power providers are “properly alarmed,” especially at the sophistication of the program, said Sue Kelly, president and CEO of the American Public Power Association.


Automatic malware that attacks the electric grid is "a big deal," said Mark Weatherford, chief cybersecurity strategist at the security firm vArmour.

“It’s starting to feel like the Ukraine attacks in 2015 and 2016 were a playground for someone running a proof of concept,” said Galina Antova, co-founder of Claroty, a company that provides industrial control security.

The danger lies in that the malware is focused on infiltrating and tripping control breakers designed to protect against overload. If enough breakers are tripped, it creates a cascading overload effect on down the line, potentially knocking out an entire town grid, city, county or country.

“In some cases, it could then take days to restart all the plants,” noted Weatherford, who was recently the chief security officer at the North American Electric Reliability Corporation, the regulatory authority for North American utilities.

As previously discussed in a recent GlobalSign blog, a strong PKI foundation is the first defense against malware attacks in the power grid system. In fact, PKI was one of many standards-based technologies used to meet the design goal of a centralized IdAM platform that supports users across several access silos – IT, OT and physical access.

"We've seen the use of digital security increasingly play an important role for supporting energy markets and protecting critical national infrastructure, and we look forward to collaborating with other leading experts and researchers who are playing a role addressing cyber security for smart energy systems."

Lila Kee, Chief Product Officer, GlobalSign

As a leader and key contributor to the North American Energy Standards Board (NAESB) PKI standard, WEQ-012, and a NAESB** Authorized Certificate Authority (ACA), GlobalSign offers Digital Certificates that can be used for multiple use cases, including secure authentication to online services, access to the NAESB Electronic Industry Registry (EIR), digitally signing email and documents, and the encryption of server communications.

GlobalSign's NAESB-compliant Digital Certificates are delivered via a web-based, Managed PKI portal, which allows compliance and security officers to easily issue and manage certificates for users affiliated with their organization. Issuing certificates to new users or revoking user certificates is easy through Managed PKI's self-service.

GlobalSign is an active participant in the North American Energy Standards Board PKI subcommittee and Lila Kee, GlobalSign's Chief Product Officer, holds a board of directors seat on NAESB’s Wholesale Electric Quadrant (WEQ) Executive to provide cybersecurity expertise and help share security policies and technology standards for the energy sector.


==============================

This article uses and references information and quotations from previously published information, including:

https://www.welivesecurity.com/2017/06/12/industroyer-biggest-threat-industrial-control-systems-since-stuxnet/

https://www.usatoday.com/story/tech/news/2017/06/12/malware-discovered-could-threaten-electrical-grid/102775998/

** The North American Energy Standards Board (NAESB) is an industry-run voluntary standards body including wholesale and retail gas and electric participants (generators, distributors, marketers, and end users) that focuses on creating and promoting voluntary standards affecting the North American grid, leading to a seamless marketplace for grid operators, regulators, and customers. One such area of standards development is the Cyber Security Subcommittee (CSS), which so far has created a standard around PKI called WEQ-012 that many Independent System Operators follow today.
