Wasn’t There a Television Series About This?

Imagine that there as a cyberweapon that could shut down the power grid. If this article at The Washington Post is to be believed, the Russians have one:

Hackers allied with the Russian government have devised a cyberweapon that has the potential to be the most disruptive yet against electric systems that Americans depend on for daily life, according to U.S. researchers.

The malware, which researchers have dubbed CrashOverride, is known to have disrupted only one energy system — in Ukraine in December. In that incident, the hackers briefly shut down one-fifth of the electric power generated in Kiev.

But with modifications, it could be deployed against U.S. electric transmission and distribution systems to devastating effect, said Sergio Caltagirone, director of threat intelligence for Dragos, a cybersecurity firm that studied the malware and issued a report on Monday.

And Russian government hackers have already shown their interest in targeting U.S. energy and other utility systems, researchers said.

“It’s the culmination of over a decade of theory and attack scenarios,” Caltagirone warned. “It’s a game changer.”

There are several things that should always be kept in mind about cyberweapons:

  1. Developing genuinely sophisticated cyberweapons is expensive. It’s not something that a clever kid will do in his spare time in his mom’s basement.
  2. That means it requires state sponsorship.
  3. Once you’ve released a cyberweapon into the wild, it’s in the wild. Your control over where it goes then and what may be done with it is greatly diminished.
  4. It’s a lot cheaper to reverse engineer a sophisticated cyberweapon than it is to develop one in the first place. It is something that can be done by a clever kid working in her spare time in her dad’s basement.

Remember that global ransomware attack that took place last month? Multiple reports say that that the malware used started out in life as something created by a government, assumed to be North Korea. It was then adapted by private individuals for their own nefarious purposes and the rest is criminal history.

That’s why I think that, although researching new, sophisticated malware techniques makes sense for us as well as for the Russians, actually using them borders them on the insane. By the very nature of our society we are extremely vulnerable to attack. Why give more people the weapons to do it with than is absolutely necessary?

1 comment… add one
  • Guarneri Link

    Who cares? More important to discover collusion that’s not there……

Leave a Comment