CrashOverRide malware can control electricity substation’ switches and circuit breakers, allowing an attacker to simply turning off power distribution, cascading failures and causing more severe damage to equipment. Malware can be modified to target other types of critical infrastructure, like transportation, gas lines, or water facilities, as well with additional protocol modules. The malware does not exploit any “zero-day” software vulnerabilities to do its malicious activities; instead, it relies on four industrial communication protocols used worldwide in power supply infrastructure, transportation control systems.
Source: https://thehackernews.com/2017/06/electric-power-grid-malware.html