LONDON (REUTERS) – Ukraine mentioned on Tuesday (April 12) it had thwarted an try by Russian hackers to break its electricity grid final week with a cyberattack.
“This is a military hacking team,” mentioned authorities spokesman Victor Zhora. “Their aim was to disable a number of facilities, including electricity substations.”
“They did not succeed, and we’re investigating.”
Kyiv blamed the assault on a gaggle dubbed “Sandworm” by researchers and beforehand tied to cyberattacks attributed to Russia.
The Computer Emergency Response Team of Ukraine (CERT-UA) mentioned in a press release the hackers had focused computer systems controlling excessive voltage substations in Ukraine, belonging to an vitality firm which CERT-UA didn’t establish.
The hackers had struck in two waves, first compromising the facility community no later than February, earlier than the second assault, which included a plan to close substations and hurt infrastructure final Friday night, it mentioned.
Ukraine managed to forestall the assault from happening, and there was no harm to the grid.
Russian officers couldn’t be instantly reached for remark. Moscow has persistently denied accusations it has launched cyberattacks on Ukraine.
Slovakian cybersecurity agency ESET, which mentioned it had labored with Ukraine to foil the assault, described the malware as an upgraded model of a programme which had brought about energy blackouts in Kyiv in 2016.
One piece of malware was designed to take over pc networks on the vitality supplier “in order to cut power”, whereas a second program was deployed to wipe out information to gradual makes an attempt to get energy again on-line.
“Sandworm is an apex predator, capable of serious operations, but they aren’t infallible,” Mr John Hultquist of US cybersecurity agency Mandiant mentioned.
“It’s increasingly clear that one of the reasons attacks in Ukraine have been moderated is because defenders there are very aggressive and very good at confronting Russian actors.”