Blog
About

440
views
0
recommends
+1 Recommend
1 collections
    4
    shares
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Threat Analysis of BlackEnergy Malware for Synchrophasor based Real-time Control and Monitoring in Smart Grid

      1 , 1 , 1 , 1 , 1

      4th International Symposium for ICS & SCADA Cyber Security Research 2016 (ICS-CSR)

      Cyber Security Research

      23 - 25 August 2016

      BlackEnergy, Malware, Cyber Attacks, Synchrophasors, Smart Grid, IEEE C37.118, IEC 61850-90-5

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          The BlackEnergy malware targeting critical infrastructures has a long history. It evolved over time from a simple DDoS platform to a quite sophisticated plug-in based malware. The plug-in architecture has a persistent malware core with easily installable attack specific modules for DDoS, spamming, info-stealing, remote access, boot-sector formatting etc. BlackEnergy has been involved in several high profile cyber physical attacks including the recent Ukraine power grid attack in December 2015. This paper investigates the evolution of BlackEnergy and its cyber attack capabilities. It presents a basic cyber attack model used by BlackEnergy for targeting industrial control systems. In particular, the paper analyzes cyber threats of BlackEnergy for synchrophasor based systems which are used for real-time control and monitoring functionalities in smart grid. Several BlackEnergy based attack scenarios have been investigated by exploiting the vulnerabilities in two widely used synchrophasor communication standards: (i) IEEE C37.118 and (ii) IEC 61850-90-5. Further, the paper also investigates protection strategies for detection and prevention of BlackEnergy based cyber physical attacks.

          Related collections

          Most cited references 19

          • Record: found
          • Abstract: not found
          • Article: not found

          Evaluation of the vulnerability of phasor measurement units to GPS spoofing attacks

            Bookmark
            • Record: found
            • Abstract: not found
            • Article: not found

            Exploring the IEEE Standard C37.118–2005 Synchrophasors for Power Systems

              Bookmark
              • Record: found
              • Abstract: not found
              • Article: not found

              A survey of electric power synchrophasor network cyber security

                Bookmark

                Author and article information

                Contributors
                Conference
                October 2016
                October 2016
                : 53-63
                Affiliations
                Queen’s University Belfast, Belfast, United Kingdom
                Article
                10.14236/ewic/ICS2016.7
                © Khan et al. Published byBCS Learning & Development Ltd.Proceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research 2016

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                4th International Symposium for ICS & SCADA Cyber Security Research 2016
                ICS-CSR
                4
                Queen’s Belfast University, UK
                23 - 25 August 2016
                Electronic Workshops in Computing (eWiC)
                Cyber Security Research
                Product
                Product Information: 1477-9358BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/
                Categories
                Electronic Workshops in Computing

                Comments

                Comment on this article