Discover ESET

Our vision, values and technology.

Newsroom

Get the latest ESET updates.

Press releases

Company news at your fingertips.

Press contacts

Contact information for media and agencies.

Careers

Build a career with ESET.

ESET Presents Industroyer Findings at Black Hat 2017

Next story

Las Vegas, NV - The world’s largest information security event, Black Hat, taking place in Las Vegas this week, today hosted one of the most anticipated main-stage panels at the conference. Security experts presented on their findings of a dangerous piece of malware designed to disrupt industrial control systems, one of the only known cyber threats targeting electrical substation switches and circuit breakers.

The malware was dubbed “Industroyer” by IT security firm ESET, which first discovered and published the groundbreaking research in June 2017. Today, a packed room full of security experts, media and industry professionals attended the first live presentation since the discovery.

“On December 17, 2016, there was yet another blackout in Ukraine, and we started analyzing this malware,” said ESET Senior Malware Researcher Robert Lipovsky. “We quickly got a sense of déjà vu, as we had seen similarities to the BlackEnergy malware, which caused a power outage in Ukraine nearly a year to the day before.”

ESET first began performing its analysis of the malware after a set of cyberattacks widely believed to have caused a massive blackout in the Ukrainian capital of Kiev in December 2016. The discovery went viral when published in June, and prompted attention and action for government officials and utility companies around the world.

“It’s clear the attackers did their homework,” said ESET Senior Malware Researcher Robert Lipovsky. ESET posted more technical details on Industroyer’s OPC Data Acess IDAPython script on Github.

Also on the panel were industrial-control experts from security firm Dragos, who shared their perspective and warned of the implications and dangers of this destructive malware.

The researchers reminded us that cyber criminals and cyber espionage groups’ hacking tactics are becoming more advanced.

“If it’s connected, they will find a way in,” noted Lipovsky in his finishing remarks. “If this is not a wakeup call, I don’t know what is.” 

About ESET

For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centers worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single instance of “in-the-wild” malware without interruption since 2003. For more information, visit www.eset.com or follow us on LinkedInFacebook, and Twitter.