Malware

Industroyer

First seen: 2016-12 • Status: active

Currently Active Threat

Industroyer is a Russian weapon designed to shut down power grids. It caused blackouts in Ukraine in 2016, and the attackers tried again in 2022.

Overview

Industroyer is sophisticated malware targeting electrical grids. It caused power outages in Ukraine in 2016, and Industroyer2 was used in 2022.

Also Known As

CrashOverride, Industroyer2

How It Spreads

  • Targeted attacks on ICS networks

What It Does

  • Manipulates industrial control systems
  • Causes power outages
  • Speaks ICS protocols

Target Platforms

Windows, ICS/SCADA

Detection Tips

  • Monitor ICS network traffic
  • Watch for unauthorized ICS commands

MITRE ATT&CK Techniques

T0831, T0855

If You're Infected

  1. Segment ICS networks immediately
  2. Engage ICS security experts

Related Malware

Triton
