Skip to content

Madit

For all of those MAD about IT

Ukraine Power Company Confirms Hackers Caused Outage

Posted on 21st January 2017 by TheLordMayor1983

The investigation is ongoing, but Ukraine’s national power company Ukrenergo has confirmed that the recent electricity outage in the Kiev region was caused by a cyberattack.

In a statement emailed to SecurityWeek on Thursday, Ukrenergo said a preliminary analysis showed that the normal operation of workstations and SCADA servers had been disrupted due to “external influences.”

The analysis indicates that the incident, described as a planned and layered intrusion, involved malware that allowed the attackers to remotely control internal systems. Investigators are in the process of establishing a timeline of events and identifying compromised accounts, points of entry, and devices infected with malware that may be lying dormant.

Ukrenergo is confident that the results of this investigation will help the company implement organizational and technological measures that would help prevent cyber threats and reduce the risk of power failure.

The incident took place on the night between December 17 and 18 at the substation in Pivnichna, causing blackouts in the capital city of Kiev and the Kiev region. Power was fully restored after just over an hour.

Ukrenergo officials immediately suspected external interference and brought in cybersecurity experts to conduct an investigation.

One of the experts involved in the probe told the BBC that the 2016 attacks were more sophisticated and better organized compared to the ones launched in December 2015. It also appears that several threat groups had worked together, and they may have tested techniques that could be used in other campaigns as well.

Russia is again the main suspect, the country being blamed for many of the cyberattacks launched recently against Ukraine.

A report published in October by Booz Allen Hamilton showed that the December 2015 attacks on Ukraine’s electric grid were part of a long-running campaign that also targeted the railway, media, mining and government sectors.

In the meantime, researchers continue to monitor KillDisk, one of the pieces of malware involved in the 2015 attack. They recently discovered that the destructive malware had turned into ransomware and started infecting Linux machines as well.

By Eduard Kovacs

Source http://www.securityweek.com/ukraine-power-company-confirms-hackers-caused-outage

Posted in Threats and Attacks

Post navigation

Yahoo discloses hack of 1 billion accounts
ProtonMail Launches Tor Hidden Service

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Satan ransomware-as-a-service gives malware customising tools to hackers on Dark Web
  • Windows 10 Blocks Zero-Days Before Patches Arrive: Microsoft
  • Carbanak Group Used Numerous Tools in Recent Attacks

Categories

  • Legal Issues, Crimes and Punishment (14)
  • Patches and Workarounds (8)
  • Threats and Attacks (95)
  • Tools, Paper and Reports (17)
  • Vulnerabilities and Exposures (56)

Archives

  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
Proudly powered by WordPress | Theme: micro, developed by DevriX.