COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises

US cybersecurity firm Mandiant has identified a malware, COSMICENERGY, that is designed to disrupt the electric power supply. The software, believed to have been developed by a contractor as a red teaming tool for power disruption exercises hosted by Russian cybersecurity firm Rostelecom-Solar, interacts with specific devices used in power transmission and distribution in Europe, the Middle East, and Asia. The discovery suggests barriers to entry for developing such malware are lowering, making it likely COSMICENERGY could pose a threat to electrical grid assets.