Crashoverride / Industroyer Malware

CrashOverrride is an industrial control system cyberattack launched in December 2016 that created a massive blackout in Kiev, Ukraine. Also known as Industroyer by security firm ESET, CrashOverride is a form of malware developed with capabilities to control electricity substation switches and circuit breakers on a wide scale.

The Industroyer / CrashOverrride malware doesn’t need to target any zero-day exploits or unpatched security vulnerabilities to do its damage; instead it communicates directly with industrial hardware through communication protocols that were designed many years in the past without significant security in mind.

CrashOverrride / Industroyer Malware

Industroyer Image Source: ESET

Following in the Footsteps of Stuxnet and BlackEnergy

CrashOverride also isn’t the first form of malware to target electricity substations, as it followed an attack known as BlackEnergy that created a blackout in the Ukraine in 2015.

The CrashOverrride / Industroyer malware also shares similarities with the Stuxnet malware that targeted an Iranian power plant in 2010 and which also used its ability to communicate directly with industrial hardware to do its damage.

These forms of malware have brought to light just how vulnerable industrial environments and most environments in our increasingly Internet of Things (IoT) world can be to cyberattacks.

Defending against them requires a multilayer approach that can be difficult to apply when dealing with hardware and software systems that were developed many years ago without sophisticated or even basic in many cases security measures taken into consideration.

Forrest Stroud
Forrest Stroud
Forrest is a writer for Webopedia. Experienced, entrepreneurial, and well-rounded, he has 15+ years covering technology, business software, website design, programming, and more.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Embedded Analytics

Embedded analytics brings self-service business intelligence to everyday application users.

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their workforce operations. They provide a central platform for human resources professionals...

Complete List of Cybersecurity Acronyms

Cybersecurity news and best practices are full of acronyms and abbreviations. Without understanding what each one means, it's difficult to comprehend the significance of...

Human Resources Management System

A Human Resources Management System (HRMS) is a software application that supports many functions of a company's Human Resources department, including benefits administration, payroll,...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...