Ukraine’s Power Grid Attacked By Russia

Ukraine: electrical power transmission line to Poland

Highly destructive malware that infected at least three regional power authorities in Ukraine led to a power failure that left hundreds of thousands of homes without electricity last week, researchers said.

A Western Ukraine power company said that part of its service area, including the regional capital Ivano-Frankivsk, was left without power due to "interference" in its industrial control systems. The energy ministry in Kiev said that it has set up a special commission to investigate what happened. The outage left about half of the homes in the Ivano-Frankivsk region of Ukraine without electricity,

The news comes after Crimea lost at least one quarter of its power after Ukraine switched off supplies to the peninsula. Ukrainian police said that the situation was a result of unidentified saboteurs blowing up an electricity pylon; here, it would appear the bellicosity is a bit more virtual.

Researchers from antivirus provider ESET have confirmed that multiple Ukrainian power authorities were infected by "BlackEnergy," a package discovered in 2007 that was updated two years ago to include a host of new functions, including the ability to render infected computers unbootable.

More recently, ESET found, the malware was updated again to add a component dubbed KillDisk, which destroys critical parts of a computer hard drive and also appears to have functions that sabotage industrial control systems. The latest BlackEnergy also includes a backdoor secure shell (SSH) utility that gives attackers permanent access to infected computers.

Ukraine's SBU state security service blamed its neighbor, noting in a statement that it had thwarted malware that was wielded by "Russian security services.” The Kremlin has yet to comment on the allegation.

"It was an attempt to interfere in the system, but it was discovered and prevented," an SBU spokeswoman said, adding that the region would have faced a much longer blackout if the malware had executed as the attackers had intended.

To date, there have been very few documented assaults on industrial targets, although the possibility and the vulnerability of the sector is highly publicized. If the Ukraine’s accusations are validated, it would be the first time a specific power outage has been credibly linked to a cyber-attack, according to Robert Lee, a former US Air Force cyber warfare operations officer. However, if the accusations are proved out, it could open the floodgates for a deluge of nation-state attacks on critical infrastructure.

"Once there is a precedent, that would open up avenues for states to feel comfortable in going that route," said Lee, CEO of cybersecurity firm Dragos Security, speaking to Reuters. He said it was too early to say whether the SBU's account was credible.

ArsTechnica:        Infosecurity-Magazine

« Ukraine Is Blaming Russian State Sponsored Hackers
Education: Introvert Personalities Go Mobile & Online »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Institute for National Security and Counterterrorism (INSCT)

Institute for National Security and Counterterrorism (INSCT)

INSCT is a center for the study of national security, international security, and counterterrorism. Research programs include New Frontiers in Science, Cyber, & Technology

IoT Security Foundation (IoTSF)

IoT Security Foundation (IoTSF)

IoTSF is a collaborative, non-profit organisation with a mission to raise the quality and drive pervasive security in the Internet of Things.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

Hague Security Delta (HSD)

Hague Security Delta (HSD)

The Hague Security Delta Campus is home of the leading cyber security cluster in Europe with an Innovation Centre, labs and training facilities.

DomainTools

DomainTools

DomainTools is the global leader for internet intelligence and the first place security practitioners go when they need to know.

EverC

EverC

EverC (formerly EverCompliant) is a leading provider of cyber intelligence that allows acquiring banks and payment service providers (PSP) to manage cyber risk.

SoftLock

SoftLock

Softlock is a regional leader in Information Security providing solutions, consulting, integration and testing services to protect information assets, identities and supporting infrastructure.

Digittrade

Digittrade

Digittrade develop and produce external encrypted hard disks and secure communications apps.

Arab Information & Communication Technologies Organization (AICTO)

Arab Information & Communication Technologies Organization (AICTO)

The Arab ICT Organization (AICTO) is an Arab governmental organization working under the aegis of the league of Arab States.

Information & eGovernment Authority (iGA) - Bahrain

Information & eGovernment Authority (iGA) - Bahrain

The Information & eGovernment Authority facilitates many services catering to different parts of the community within the IT sector in Bahrain including information security.

NGS (UK)

NGS (UK)

NGS (UK) Ltd are independent, vendor agnostic, next generation security trusted advisors, providing all-encompassing solutions from the perimeter to the endpoint.

RiskRecon

RiskRecon

RiskRecon makes it easy to gain deep, risk contextualized insight into the cybersecurity risk performance of all of your third parties.

Eco Recycling (Ecoreco)

Eco Recycling (Ecoreco)

Eco Recycling is India's first and leading professional E-waste Management Company that has set industry benchmarks with its innovative & environment friendly disposal practices.

Kasada

Kasada

Kasada has developed a radical approach to defeating automated cyberthreats based on its unmatched understanding of the human minds behind them.

CFTS

CFTS

CFTS 'Computer Facilities Technical Services' is a Ugandan ICT Support Company that specialises in infrastructure and support services including network security.

BJSS

BJSS

BJSS is an award-winning technology and engineering consultancy for business.