Ukraine claims Russian hackers foiled in bid to knock out power grid

Ukraine claims to have thwarted an attempt by Russian hackers to fully penetrate one of its energy grid networks and knock out power in the country last week.

The hack targeted an unidentified energy company linked to several substations and had the potential to cut power to roughly 2 million people, but cybersecurity firm ESET and Microsoft helped neutralize the attack, Viktor Zhora, a Ukrainian cybersecurity official, told reporters.

“The hackers planned the electrical outages for 8 April, to strike on Friday evening, before the weekend,” Zhora said, according to the BBC. “It looks like we have been extremely lucky to respond to this in a timely manner.”

The attack is believed to have been carried out by Sandworm, a group connected to several other cyberattacks believed to have come from Russia, Zhora and ESET claimed. Sandworm is a cybermilitary group the U.S. government believes is controlled by Russia’s intelligence agency, the GRU.

Hackers are suspected to have laid the groundwork for the attack two weeks prior to the April 8 attempt because one of the malicious programs used in the attack was dated March 23. The hack managed to disrupt part of the control system at one power station, but officials managed to stave off electrical outages, the BBC reported.

Russian hackers relied on Industroyer2, a beefed-up version of malware used in a 2016 attack that successfully caused blackouts in Ukraine at the time, ESET noted. Industroyer2 has the ability to infect computer networks and communicate with industrial equipment, enabling it to cut off power. The cybersecurity firm believes Sandworm was the mastermind behind that attack as well, but Russia denied responsibility.

To cover their tracks, the hackers deployed CaddyWiper and several other similar programs in a bid to wipe out data from the system and hypothetically slow efforts to restore power, ESET claimed. CaddyWiper has been deployed against a number of Ukrainian companies since Russia’s invasion began.

ESET, Microsoft, the unidentified company’s staff, and Ukrainian intelligence collaborated to stave off the hack. Officials declined to provide further details to the public on how the attack was averted.

Authorities provided key information such as malware samples and compromise indicators to international partners and other Ukrainian energy companies.

Ukraine’s energy sector has been the target of a number of attacks from Russian invaders since the war broke out in late February. Zhora said he has been alerted to attempts to undermine energy grids within the country since the dawn of the invasion.
