Ukraine’s Power Grid Attacked By Russia

Uploaded on 2016-01-29 in GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Production-Utilities, BUSINESS-Production-Energy, GOVERNMENT-National, INTELLIGENCE--Europe, INTELLIGENCE-Hot Spots-Russia, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

Ukraine: electrical power transmission line to Poland

Highly destructive malware that infected at least three regional power authorities in Ukraine led to a power failure that left hundreds of thousands of homes without electricity last week, researchers said.

A Western Ukraine power company said that part of its service area, including the regional capital Ivano-Frankivsk, was left without power due to "interference" in its industrial control systems. The energy ministry in Kiev said that it has set up a special commission to investigate what happened. The outage left about half of the homes in the Ivano-Frankivsk region of Ukraine without electricity,

The news comes after Crimea lost at least one quarter of its power after Ukraine switched off supplies to the peninsula. Ukrainian police said that the situation was a result of unidentified saboteurs blowing up an electricity pylon; here, it would appear the bellicosity is a bit more virtual.

Researchers from antivirus provider ESET have confirmed that multiple Ukrainian power authorities were infected by "BlackEnergy," a package discovered in 2007 that was updated two years ago to include a host of new functions, including the ability to render infected computers unbootable.

More recently, ESET found, the malware was updated again to add a component dubbed KillDisk, which destroys critical parts of a computer hard drive and also appears to have functions that sabotage industrial control systems. The latest BlackEnergy also includes a backdoor secure shell (SSH) utility that gives attackers permanent access to infected computers.

Ukraine's SBU state security service blamed its neighbor, noting in a statement that it had thwarted malware that was wielded by "Russian security services.” The Kremlin has yet to comment on the allegation.

"It was an attempt to interfere in the system, but it was discovered and prevented," an SBU spokeswoman said, adding that the region would have faced a much longer blackout if the malware had executed as the attackers had intended.

To date, there have been very few documented assaults on industrial targets, although the possibility and the vulnerability of the sector is highly publicized. If the Ukraine’s accusations are validated, it would be the first time a specific power outage has been credibly linked to a cyber-attack, according to Robert Lee, a former US Air Force cyber warfare operations officer. However, if the accusations are proved out, it could open the floodgates for a deluge of nation-state attacks on critical infrastructure.

"Once there is a precedent, that would open up avenues for states to feel comfortable in going that route," said Lee, CEO of cybersecurity firm Dragos Security, speaking to Reuters. He said it was too early to say whether the SBU's account was credible.

ArsTechnica:        Infosecurity-Magazine

« Ukraine Is Blaming Russian State Sponsored Hackers
Education: Introvert Personalities Go Mobile & Online »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MyCERT

MyCERT

MyCERT is the National Computer Emergency Response Team of Malaysia.

Indium Software

Indium Software

Indium Software is an Independent Software Testing Company offering software testing services (including security testing) and offshore Quality Assurance solutions.

Zettaset

Zettaset

Zettaset’s XCrypt Data Encryption Platform delivers proven protection for Object, Relational/SQL, NoSQL, and Hadoop data stores…in the cloud and on-premises.

achelos

achelos

achelos is an independent software development company providing innovative technical solutions for micro-processor chips / security chips and embedded systems in security-critical application fields.

SureVine

SureVine

Surevine builds secure, scalable collaboration solutions for the most security conscious organisations, enabling collaboration on their most sensitive information.

Uleska

Uleska

Uleska is a scalable platform that provides automated and continuous software security testing whilst translating cyber risk.

Semmle

Semmle

Semmle's code analysis platform helps teams find zero-days and automate variant analysis. Secure your code with continuous security analysis and automated code review.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

Camel Secure

Camel Secure

Camel Secure is a company specialized in the development of products for information security and technology risk management.

Seadot Cybersecurity

Seadot Cybersecurity

Seadot offer cybersecurity services to organizations with a high demand for regulatory compliance and security.

RedLegg

RedLegg

RedLegg is a master provider of information security services, a boutique, nimble, old-fashioned customer service company that enjoys the technology battlefield.

Kiteworks

Kiteworks

Kiteworks (formerly Accellion) creates a dedicated Private Content Network that ensures zero-trust private content protection and compliance.

Tonex

Tonex

Tonex providing industry-leading technology training, courses, seminars, workshops, and consulting services to companies and government organizations around the world.

Resilience Cyber insurance

Resilience Cyber insurance

Resilience helps to improve cyber resilience by connecting cyber insurance coverage with advanced cybersecurity visibility and a shared plan to reinforce great cyber hygiene.

SPIE Switzerland

SPIE Switzerland

SPIE Switzerland AG, a subsidiary of the SPIE Group, is a Swiss full-service provider of ICT, multi-technical and integral facility services.

Heyhack

Heyhack

Heyhack is a SOC 2 Type II certified automated penetration testing platform for web apps and APIs.