Secure Industrial Control Systems from CosmicEnergy and Similar Malware
CosmicEnergy malware, aimed at industrial control systems (ICS), poses no immediate threat to operational technology (OT), but caution is advised
Designed to interact with ICS devices in electric transmission, it can tamper with power line switches and circuit breakers
Linked to Russian threat actors, particularly targeting remote terminal units (RTUs) in Europe, the Middle East, and parts of Asia
Consists of two main components: LightWork for modifying RTU state and PieHop for uploading files and issuing commands
Not as advanced as other ICS malware like Industroyer, suggesting it may have been created for training purposes
No evidence of the malware being deployed in the wild; may have been developed by a contractor at Rostelecom-Solar or based on their code.
Coding errors in PieHop prevented proper execution; LightWork lacks maturity and requires further development for full-fledged attacks.