Friday, December 2, 2022

Russia plans ‘massive cyber attacks’ on critical infrastructure, Ukraine warns


The Ukrainian government warned on Monday that the Kremlin plans to carry out “massive cyberattacks” targeting power grids and other critical infrastructure in Ukraine and the territories of its allies.

“With cyber attacks, the enemy will try to increase the effect of missile attacks on electricity supply facilities, mainly in the eastern and southern regions of Ukraine,” the advisory warned. “The occupation command is convinced that this will slow down the offensive operations of the Ukrainian Defense Forces.”

Monday’s notice alluded to two cyberattacks carried out by the Russian government, first in 2015 and then almost exactly a year later, that deliberately left Ukrainians without power during one of the coldest months of the year. The attacks were seen as a proof of concept and a kind of testing ground to disrupt Ukraine’s power supply.

The first attack reused a known piece of malware, called BlackEnergy, created by Kremlin-backed hackers. Attackers used this new BlackEnergy3 malware to penetrate the corporate networks of Ukrainian power companies and then moved further into the supervisory control and data acquisition (SCADA) systems that the companies used to generate and transmit electricity. The hack allowed the attackers to use legitimate functionality commonly found in power distribution and transmission to trigger a failure that left more than 225,000 people without power for more than six hours.

The 2016 attack was more sophisticated. It used a new piece of malware, written from scratch and designed specifically to hack power grid systems. The new malware, which goes by the names Industroyer and Crash Override, was noted for its mastery of the arcane industrial processes used by Ukrainian network operators. It communicated natively with those systems to tell them to de-energize and then re-energize the substation lines.

“The experience of cyber attacks on Ukraine’s energy systems in 2015 and 2016 will be used when conducting operations,” the Ukrainian government said on Monday.

Monday’s notice comes two weeks after Ukrainian forces regained vast swathes of territory in Kharkiv and other cities that had been under Russian control for months. Russian President Vladimir Putin last week called for the mobilization of 300,000 Russian citizens to reinforce the country’s military invasion of Ukraine.

The move, which was the first time since World War II that Russia has done so, has sparked protests and an exodus of Russians, mostly men, fleeing the country. A shift towards greater reliance on hacking by the country’s armed forces could be seen as a way to achieve the goals without putting further pressure on current manpower shortages.

It is difficult to assess the chances of a successful hacking campaign against Ukraine’s power grids. Earlier this year, Ukraine’s CERT-UA said it successfully detected a new strain of Industroyer within the network of a regional Ukrainian energy company. Reportedly, Industroyer2 was able to temporarily shut off power to nine electrical substations, but stopped before a major blackout was triggered.

“We do not have any direct knowledge or data to make an assessment of Ukraine’s ability to defend its network, but we do know that CERT-UA stopped the deployment of INDUSTROYER.V2 malware that targeted Ukraine’s electrical substations earlier this year,” Chris Sistrunk, technical manager for Client Industrial Control Systems Consulting, wrote in an email. “Based on that, and based on what we know about the overall resolve of the Ukrainian people, it’s becoming increasingly clear that one of the reasons cyberattacks in Ukraine have decreased is because their defenders are very aggressive and very good at confronting Russian actors.”

But researchers at Mandiant and elsewhere also noted that Sandworm, the name of the Kremlin-backed group behind the power grid attacks, is among the world’s most elite hacking groups. They are known for their stealth, persistence, and remaining hidden within specific organizations for months or even years before appearing.

In addition to an attack on power grids, Monday’s advisory also warned of other forms of disruption that the country expected Russia to ramp up.

“The Kremlin also intends to increase the intensity of DDoS attacks on the critical infrastructure of Ukraine’s closest allies, primarily Poland and the Baltic states,” the notice stated. Since February, researchers have said that pro-Russian threat actors have been behind a steady stream of distributed denial-of-service attacks targeting Ukraine and its allies.
