Upon discovery and initial analysis in mid-2017, audiences primarily viewed CRASHOVERRIDE as a disruptive event targeting electric utility operations in Ukraine. Similar to the 2015 attack in the same area, CRASHOVERRIDE interrupted the flow of electricity by manipulating ICS equipment and delayed recovery operations to prolong the impact. However, CRASHOVERRIDE’s immediate effects represent only the precursors for an attempt at a more ambitious attack than what was achieved.
This webinar reexamines the CRASHOVERRIDE event and likely attacker intentions, highlighting how CRASHOVERRIDE attempted a different type of attack than 2015.
Attendees learn how to begin developing and deploying the required visibility, resilience, and response measures needed to cope with an attack like CRASHOVERRIDE.