Secure Industrial Control Systems from CosmicEnergy and Similar Malware

CosmicEnergy 

1. CosmicEnergy malware is aimed at industrial control systems (ICS). It poses no immediate threat to operational technology (OT), but caution is advised.

2. Designed to interact with ICS devices in electric transmission, it can tamper with power line switches and circuit breakers.

3. Linked to Russian threat actors, it particularly targets remote terminal units (RTUs) in Europe, the Middle East, and parts of Asia.

4. It consists of two main components: LightWork, which modifies RTU state, and PieHop, which uploads files and issues commands.

5. It is not as advanced as other ICS malware such as Industroyer, suggesting it may have been created for training purposes.

6. There is no evidence of the malware being deployed in the wild; it may have been developed by a contractor at Rostelecom-Solar or based on their code.

7. Coding errors in PieHop prevented proper execution; LightWork lacks maturity and requires further development for full-fledged attacks.
