Security firms ESET and Dragos have both released reports on the malware that was used to take a Ukrainian utility offline in December, calling it Industroyer and CrashOverride, respectively, with Dragos warning that it might have been just a trial run for malware that builds upon techniques used in other infamous attacks. CrashOverride / Industroyer uses a lot of insider knowledge to attack utility assets, suggesting that the attackers, identified as Electrum by Dragos (with ties to the Sandworm team that was behind the BlackEnergy attacks), are rather familiar with the habits and processes of European utilities. It seems that the malware itself isn’t particularly menacing, but rather that the danger lies in that insider knowledge being put to…