1.4 million households outage due to cyber attack on power company


ByMatthias Ripp

On December 23, 2015, 1.4 million households had power outages in the vicinity of the city of Ivano-Frankie Ushik in the western Ukraine. The blackout itself was a few hours, but this is actually a cyber attack, and it is clear that it is a thing using malware called "BlackEnergy".

Из - за хакерской атаки обесточило половину Ивано - Франковской области - Новости Украины на 1 + 1 - ТСН.ua
http://ru.tsn.ua/ukrayina/iz-za-hakerskoy-ataki-obestochilo-polovinu-ivano-frankovskoy-oblasti-550406.html


BlackEnergy trojan strikes again: Attacks Ukrainian electric power industry
http://www.welivesecurity.com/2016/01/04/blackenergy-trojan-strikes-again-attacks-ukrainian-electric-power-industry/

Ukraine to probe suspected Russian cyber attack on grid | Reuters
http://www.reuters.com/article/us-ukraine-crisis-malware-idUSKBN0UE0ZZ20151231

This is revealed by the Department of Energy of Ukraine. For a long time, alarm bells were ringing about cyber attacks aimed at infrastructure, but this case is a very rare case where cyber attack actually succeeded.

The attack itself is very simple, send an attachment containing malware by e-mailSpear phishing. An attacker can tell the sender of the mailUkrainian parliamentHe was disguised as a member of the Diet.

This malware "BlackEnergy" downloads various modules as necessary and does "work". In this case, "Win32 / KillDisk" has been found which makes it impossible to start up by deleting the system file from the system which is infected with malware.

The Ukrainian Security Agency, which is engaged in anti-terrorism and anti-intrusive activities, said this attack was due to Russian security services and could prevent attempts to interfere with the system, but if it could not prevent the blackout, I mentioned that it was going on.

In Ukraine, Christmas is celebrated on 7th January of Ukrainian Orthodox, so December 23 is not "before Christmas", but attackers dare to use the malware that was not found before so far to attack It is thought that it went. However, it is unknown whether it was an attack by Russia as SMS said.

in Security, Posted by logc_nt