Malware Discovered Within EU Energy Company’s Network

EU energy

Dangerous malware discovered in EU energy company

IT News, July 15, 2016

A new piece of sophisticated malware has been discovered on the networks of an unnamed European energy company with what researchers believe is the potential to shut down an energy grid.

Stephen Gates, chief research intelligence analyst at NSFOCUS, said most people don’t realise that critical infrastructures is being controlled by “computers that are just as vulnerable as our phones, laptops, servers, etc”.
Endpoint protection firm Sentinel One Labs discovered the malware and dubbed it SFG, revealing it not only collects information on the infected system but opens a backdoor through which a destructive payload could be launched.

This piece of malware, according to Sentinel One Labs, “exhibits traits seen in previous nation-state rootkits, and appears to have been designed by multiple developers with high-level skills and access to considerable resources”.

This type of attack is nothing new: the Russian state is still widely believed to be behind the Black Energy group, which shut down power to 225,000 people in Ukraine last year by attacking a power company.

Some of the principal problems with industrial control systems or critical infrastructure like railways or power plants is they tend to have been built before cyber-security was a consideration. When they are then retrofitted with security systems, it’s not always easy to tell where holes have been left.

Read More

googlepluslinkedinstumbleupon