Recent reports from Mandiant has identified Russia-linked malware that affects electric grids

The U.S. government declared that it was collaborating with its Five Eyes partners to find any potential violations

A new industrial control system malware, code-named "CosmicEnergy," has been identified by security experts, and it has the potential to damage vital infrastructure systems and power grids. Researchers at Mandiant discovered the malicious programme, and they have compared CosmicEnergy to the destructive Industroyer malware that the Russian state-backed "Sandworm" hacker gang used to shut off the electricity in Ukraine in 2016. Unusually, Mandiant asserts that it discovered CosmicEnergy prior to a cyberattack on key infrastructure.

According to the cybersecurity firm's investigation, Rostelecom-Solar, the national telecom operator of Russia, might have created the virus in order to promote exercises like those held in partnership with the Russian Ministry of Energy in 2021. It might have been created by a contractor as a red-teaming tool for Rostelecom-Solar's mock power outages, according to Mandiant. But because there isn't enough proof, Mandiant further believes that it's possible that another actor, either with or without permission, reused code related to the cyber range to develop this malware. The U.S. government declared that it was collaborating with its Five Eyes partners to find any potential violations in light of the report.