Researchers uncover Russia-linked malware that could immobilize electric grids
By Editor - Thu May 25, 9:18 am
Security researchers have discovered new industrial control system malware, dubbed “CosmicEnergy,” which they say could be used to disrupt critical infrastructure systems and electric grids. The malware was uncovered by researchers at Mandiant, who have likened CosmicEnergy’s capabilities to the destructive Industroyer malware that the Russian state-backed “Sandworm” hacking group used to cut power in Ukraine in 2016 . Unusually, Mandiant says it uncovered CosmicEnergy through threat hunting and not following a cyberattack on critical infrastructure. The malware was uploaded to VirusTotal, a Google-owned malware and virus scanner, in December 2021 by a submitter based in Russia, according to Mandiant. The cybersecurity company’s analysis shows that the malware may have been developed by Rostelecom-Solar, the cybersecurity arm of Russia’s national telecom operator Rostelecom, to support exercises such as the ones hosted in collaboration with the Russian Ministry of Energy in 2021
The rest is here:
Researchers uncover Russia-linked malware that could immobilize electric grids