Ukraine’s Power Grid Attacked By Russia

Uploaded on 2016-01-29 in GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Production-Utilities, BUSINESS-Production-Energy, GOVERNMENT-National, INTELLIGENCE--Europe, INTELLIGENCE-Hot Spots-Russia, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

Ukraine: electrical power transmission line to Poland

Highly destructive malware that infected at least three regional power authorities in Ukraine led to a power failure that left hundreds of thousands of homes without electricity last week, researchers said.

A Western Ukraine power company said that part of its service area, including the regional capital Ivano-Frankivsk, was left without power due to "interference" in its industrial control systems. The energy ministry in Kiev said that it has set up a special commission to investigate what happened. The outage left about half of the homes in the Ivano-Frankivsk region of Ukraine without electricity,

The news comes after Crimea lost at least one quarter of its power after Ukraine switched off supplies to the peninsula. Ukrainian police said that the situation was a result of unidentified saboteurs blowing up an electricity pylon; here, it would appear the bellicosity is a bit more virtual.

Researchers from antivirus provider ESET have confirmed that multiple Ukrainian power authorities were infected by "BlackEnergy," a package discovered in 2007 that was updated two years ago to include a host of new functions, including the ability to render infected computers unbootable.

More recently, ESET found, the malware was updated again to add a component dubbed KillDisk, which destroys critical parts of a computer hard drive and also appears to have functions that sabotage industrial control systems. The latest BlackEnergy also includes a backdoor secure shell (SSH) utility that gives attackers permanent access to infected computers.

Ukraine's SBU state security service blamed its neighbor, noting in a statement that it had thwarted malware that was wielded by "Russian security services.” The Kremlin has yet to comment on the allegation.

"It was an attempt to interfere in the system, but it was discovered and prevented," an SBU spokeswoman said, adding that the region would have faced a much longer blackout if the malware had executed as the attackers had intended.

To date, there have been very few documented assaults on industrial targets, although the possibility and the vulnerability of the sector is highly publicized. If the Ukraine’s accusations are validated, it would be the first time a specific power outage has been credibly linked to a cyber-attack, according to Robert Lee, a former US Air Force cyber warfare operations officer. However, if the accusations are proved out, it could open the floodgates for a deluge of nation-state attacks on critical infrastructure.

"Once there is a precedent, that would open up avenues for states to feel comfortable in going that route," said Lee, CEO of cybersecurity firm Dragos Security, speaking to Reuters. He said it was too early to say whether the SBU's account was credible.

ArsTechnica:        Infosecurity-Magazine

« Ukraine Is Blaming Russian State Sponsored Hackers
Education: Introvert Personalities Go Mobile & Online »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Ixia

Ixia

Ixia provides testing, visibility, and security solutions to strengthen applications across physical and virtual networks.

Cybersecurity Advisors Network (CyAN)

Cybersecurity Advisors Network (CyAN)

CyAN provides a not-for-profit platform that helps private and public organisations as well as governments to identify trusted advisors in the area of Cyber Security and Cyber Crime.

Wolfpack Information Risk

Wolfpack Information Risk

Wolfpack specialise in information and cyber threat management covering the full spectrum of prevention, detection, incident response and business resilience capabilities.

Auxilium Cyber Security

Auxilium Cyber Security

Auxilium Cyber Security is independent information security consultancy company providing cyber security services tailored to meet the evolving needs of organizations worldwide.

CSO GmbH

CSO GmbH

CSO GmbH provide specialist consultancy services in the area of IT security.

Lirex

Lirex

Lirex offer consulting and outsourcing services, complete design, construction and maintenance of ICT solutions and systems including cybersecurity.

AVORD

AVORD

AVORD is a cloud-based security testing platform that allows clients to manage security testing requirements in a far more productive and efficient way.

Cybersecurity Professionals

Cybersecurity Professionals

Search vacancies from top cyber security jobs worldwide on CyberSecurity Professionals. View IT security jobs or upload your CV to be seen by recruiters from industry leading firms.

Elitecyber Group

Elitecyber Group

Elitecyber group is a team of Cyber Security recruitment experts who work for Cyber Security and Cyber Defence clients and candidates throughout Europe.

Hunter Strategy

Hunter Strategy

Hunter Strategy focuses on delivering solutions that are concise, scalable, and target our customer’s complex technical challenges.

10dot Cloud Security

10dot Cloud Security

10dot Cloud Security is a security service management company. Our solutions give you contextualised visibility into your network security.

SessionGuardian

SessionGuardian

SessionGuardian (formerly SecureReview) is the world's first and only technology which ensures second-by-second biometric identity verification of your remote user, from log on to log off.

Appsec Phoenix

Appsec Phoenix

Appsec Phoenix is an end to end vulnerability management platform that focuses on workflows, threat feed, and real time data.

SecureOps

SecureOps

SecureOps is transforming the Managed Security Service Provider industry by providing tailored cybersecurity solutions proven to protect organizations from cyberattacks.

Ward Solutions

Ward Solutions

Ward Solutions are an information security consultancy and managed services company. We help organisations protect their brand, people, assets, intellectual property and profits.

CheapSSLWEB

CheapSSLWEB

Buy SSL Certificates for your Website at Affordable Prices – Save Up to 90%