The CrashOverride program represents the first-in-the-wild case of a generic automated attack: one that is designed to affect all systems of a given family, not just a particular installation. If someone were to couple this warhead to a self-propagating worm for delivery, it could constitute a global threat.
Latest in Critical infrastructure
Proposals to establish international norms against intruding against other nations' critical infrastructures fail to recognize that while few nation-states want to cause massive systemic risk, nobody can agree on what constitutes systemic risk or what trade-offs are worth what level of risk of a calamitous event.
We've released a new MIT report aimed at helping break the cycle of futility plaguing our efforts to protect critical infrastructure.