Russian hackers tried to crash Ukraine’s electricity grid to help Ukraine.


Written by the state-run Ukraine Computer Emergency Response Team (CERT), the document describes “at least two successful hacking attempts”, one of which began on March 19, a few days after Ukraine joined Europe’s power grid to end dependence on Russia.

Successful or not, the cyberattacks on the Ukrainian power grid represent a dangerous continuation of Russia’s aggression against Ukraine by a hacking group known as Sandworm, which the US has identified as Unit 74455 of Russia’s military intelligence agency.

Hackers believed to be working for Russian intelligence had previously disrupted the power system in Ukraine in both 2015 and 2016. While the 2015 attack was largely manual, the 2016 incident was an automated attack using malware known as Industroyer. The malware the researchers found in the 2022 attacks was named Industroyer2 because of its similarity.

“We are dealing with a competitor who has been drilling us in cyberspace for eight years,” Victor Zhora, deputy head of Ukraine’s State Special Service for Digital Development, told reporters on Tuesday. “The fact that we have been able to prevent it shows that we are stronger and more prepared [than last time].”

Analysts at ESET examined Industroyer2’s code to map its capabilities and targets. The hackers tried not only to cut off the electricity, but also to destroy the computers that Ukrainians use to control their grids. This would cut off the power company’s ability to quickly get power back online using their computers.

In previous cyberattacks, the Ukrainians were able to quickly regain control within a few hours, reverting to manual operations, but the war has made this extremely difficult. It’s not so easy to send a truck to a substation when enemy tanks and soldiers may be nearby and computers are sabotaged.

“There is no point in hiding if they are punching Ukrainian hospitals and schools while they are openly waging war against our country,” Zhora said. “There is no need to hide after shooting Ukrainian houses with rockets.”

Given Moscow’s successful track record of aggressive cyberattacks on Ukraine and around the world, experts predicted that the country’s hackers would emerge and cause havoc. US officials have been warning for months about escalation from Russia as it struggles in the ground war with Ukraine.

During the war, Ukraine and the United States accused Russian hackers of using multiple wipers. Financial and government systems have been hit. Kyiv has also been the target of denial-of-service attacks that render government websites useless at crucial moments.

But the Industroyer2 attack marks the most serious known cyberattack of the war. Ukrainian cybersecurity officials are working with Microsoft and ESET to investigate and respond.

This is one of the few publicly known incidents where state-sponsored hackers have targeted industrial systems.

The first appeared in 2010, when it was revealed that the malware known as Stuxnet was produced—reportedly by the United States and Israel—to sabotage Iran’s nuclear program. Russia-backed hackers have also reportedly initiated numerous such campaigns against industrial targets in Ukraine, the United States and Saudi Arabia.
