Ukraine Says It Thwarted Russian Cyberattack on Electricity Grid

By Reuters | Updated: 14 April 2022 13:31 IST

Photo Credit: Reuters

The attack was likely carried out to support Russian military activities in eastern Ukraine, said Zhora

Highlights

Kyiv blamed the attack on a group called Sandworm
Sandworm allegedly has ties to the Russia
Ukraine managed to prevent the attack from taking place

Ukraine said on Tuesday it had thwarted an attempt by Russian hackers last week to damage its electricity grid with a cyberattack.

"This is a military hacking team," said government spokesman Victor Zhora. "Their aim was to disable a number of facilities, including electricity substations."

"They did not succeed, and we're investigating."

Infosys to Move Business Out of Russia

Kyiv blamed the attack on a group dubbed "Sandworm" by researchers and previously tied to cyberattacks attributed to Russia. The attack was likely carried out to support Russian military activities in eastern Ukraine, Zhora said.

Russian officials could not be immediately reached for comment on Tuesday. Moscow has consistently denied accusations it has launched cyberattacks on Ukraine.

The Computer Emergency Response Team of Ukraine (CERT-UA) said in a statement the hackers had targeted computers controlling high voltage substations in Ukraine, belonging to an energy company that CERT-UA did not identify.

EU Bans Provision of High-Value Crypto Services to Russia

The hackers had struck in two waves, first compromising the power network no later than February, before the second attack, which included a plan to shut substations and harm infrastructure last Friday evening, it said. Ukraine managed to prevent the attack from taking place, and there was no damage to the grid.

Slovakian cybersecurity firm ESET, which said it had worked with Ukraine to foil the attack, described the malware as an upgraded version of a programme which had caused power blackouts in Kyiv in 2016.

One piece of malware was designed to take over computer networks at the energy provider "in order to cut power", while a second programme was deployed to wipe out data to slow attempts to get power back online.

"Sandworm is an apex predator, capable of serious operations, but they aren't infallible," John Hultquist of US cybersecurity firm Mandiant said.

"It's increasingly clear that one of the reasons attacks in Ukraine have been moderated is because defenders there are very aggressive and very good at confronting Russian actors."

Why is 5G taking so long? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.