"Researchers Uncover Russia-Linked Malware That Could Immobilize Electric Grids"
Researchers have discovered new malware for Industrial Control Systems (ICS), dubbed "CosmicEnergy," which could be used to disrupt critical infrastructure systems and electric grids. CosmicEnergy was discovered by researchers at Mandiant, who compared its capabilities to those of the destructive Industroyer malware that the Russia-backed "Sandworm" hacking group used in 2016 to cut power in Ukraine. In a rare occurrence, Mandiant discovered CosmicEnergy through threat hunting rather than a cyberattack on critical infrastructure. According to Mandiant, the malware was uploaded to VirusTotal, a Google-owned malware and virus scanner, in December 2021 by a Russian submitter. An analysis indicates that the malware may have been created by Rostelecom-Solar, the cybersecurity division of Russia's national telecommunications operator Rostelecom, to support exercises such as those held in 2021 in collaboration with the Russian Ministry of Energy. This article continues to discuss the malware that could disrupt critical infrastructure systems and electric grids.
TechCrunch reports "Researchers Uncover Russia-Linked Malware That Could Immobilize Electric Grids"