Hacking, ranging from the serious to the faintly ridiculous, has been on the rise recently. but there’s an important context we miss: It’s entirely about the location and leaking of data. Hackers, in theory at least, can do much, much more than just dump your emails on the internet. And a piece of malware called ‘Crash Override’ demonstrates the worst that could (and may) happen.
Russia doesn’t dare, even now, attack US infrastructure via hacking, but it’s allegedly a lot more bold with countries Putin views as his rightful political possessions. Wired has a detailed look at an attack on a Ukrainian power station that happened thanks to the malware, which knocked out power in a part of Kiev for an hour last year, but is capable of far worse:
The researchers say this new malware can automate mass power outages, like the one in Ukraine’s capital, and includes swappable, plug-in components that could allow it to be adapted to different electric utilities, easily reused, or even launched simultaneously across multiple targets. They argue that those features suggest Crash Override could inflict outages far more widespread and longer lasting than the Kiev blackout.
This would make Crash Override the second “cyber-weapon” we know about, following the discovery of Stuxnet in 2009. Stuxnet has never officially been acknowledged as a weapon, but it was widely believed to be a virus programmed by Israeli and American spies to destroy Iran’s nuclear capability. That a state actor has something this advanced is, of course, worrying, but it also raises another question: if this is what we know both sides have, and are capable of, what do they have in their arsenal that we haven’t seen yet?