Site icon TechNewsBoy.com

Ukraine says it stopped a Russian cyberattack on its power grid

An attack on Ukraine’s power grid was foiled by cybersecurity analysts and officials, as reported by Reuters. After investigating the methods and software used by the attackers, cybersecurity firm ESET says that it was likely carried out by a hacking group called Sandworm, which The Record reports allegedly has ties to the Russian government.

The group planned to shut down computers that controlled substations and infrastructure belonging to a particular power company, according to the Computer Emergency Response Team of Ukraine (or CERT-UA). The hackers meant to cut off power on April 8th while also wiping the computers that would be used to try and get the grid back online.

This attempted attack involved a wide variety of malware, according to ESET, including the recently discovered CaddyWiper. ESET also found a new piece of malware, which it calls Industroyer2. The original Industroyer was used in a successful 2016 cyberattack that cut off power in parts of Kyiv, according to the security firm, probably by the same group behind this month’s foiled attack. Industroyer isn’t widely used by hackers — ESET notes that it’s only seen it used twice (earlier this month and in 2016), which implies that it’s written for very specific uses.

CERT-UA says that the hackers were biding their time, initially breaching the company’s systems before March. ESET’s analysis shows that one of the main pieces of malware was compiled over two weeks before the attack was supposed to take place.

It’s unclear how the hackers initially got into the company’s network or how they gained access to the network that controls industrial equipment like the targeted substations. The analysis does show, however, that the hackers were planning on covering their tracks after the attack.

Ukraine and its infrastructure have been targeted by hackers since before the Russian invasion began. It’s likely that this won’t be the last attack on its power grid, but the country’s response to this incident shows that its cybersecurity defense strategy is capable of warding off complex attacks.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version