Delve into a 40-minute conference talk from Black Hat that examines Industroyer2, the latest version of malware designed to trigger electricity blackouts. Explore the technical details of this cyberattack targeting Ukraine's power grid during the Russian invasion, aiming to cause a major blackout affecting over two million people. Learn about the reverse engineering process of Industroyer2 and its comparison to the original Industroyer malware. Discover how this unique malware communicates with electrical substation ICS hardware using industrial protocols, specifically focusing on the IEC-104 protocol implementation in Industroyer2. Gain insights into the attribution of this attack to the Sandworm APT group, linked to Russia's GRU by the US Department of Justice. Presented by Robert Lipovsky and Anton Cherepanov, this talk offers a deep dive into the evolving landscape of cyberwarfare targeting critical infrastructure.
Industroyer2 - Sandworm's Cyberwarfare Targets Ukraine's Power Grid Again
Overview
Syllabus
Industroyer2: Sandworm's Cyberwarfare Targets Ukraine's Power Grid Again
Taught by
Black Hat
Related Courses
-
Ukraine's Past & Present Cyberwar
-
Industroyer - Crashoverride - Zero Things Cool About a Threat Group Targeting the Power Grid
-
Threat Intel Analysis of Ukrainians Power Grid Hack
-
Analyzing and Understanding CRASHOVERRIDE - ICS Cybersecurity Webcast
-
INCONTROLLER - New Malware Developed to Target Industrial Control Systems
