© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Ukraine curbed a Russian cyberattack on the electricity grid


The attackers tried using malware to disrupt the power supply and take electricity substations offline.

Ukrainian authorities claim that hackers tried to disrupt several elements of the country's critical infrastructure using Industroyer2, CaddyWiper, ORCSHRED, SOLOSHRED, and AWFULSHRED strains of malware.

According to the Computer Emergency Response Team of Ukraine (CERT-UA), threat actors targeted high-voltage electrical substations, computers running the Windows OS and Linux OS, as well as active network equipment.

"This is a military hacking team. Their aim was to disable a number of facilities, including electricity substations. They did not succeed, and we're investigating," government spokesman Victor Zhora told Reuters.

Researchers at ESET who worked with Ukraine to stop the incursion say that the advanced persistent threat (APT) group Sandworm was behind the attack. Sandworm, also known as Voodoo Bear or Iron Viking, is linked with the Russian military intelligence agency GRU.

According to CERT-UA, the targeted organization experienced two waves of attacks, with the first one striking in February. The second wave of attacks was meant for April 8, but authorities prevented it.

"Sandworm is an apex predator, capable of serious operations, but they aren't infallible. It's increasingly clear that one of the reasons attacks in Ukraine have been moderated is because defenders there are very aggressive and very good at confronting Russian actors," John Hultquist of US cybersecurity firm Mandiant told Reuters.

ESET, together with CERT-UA, dubbed the malware' Industroyer2' since it resembles a similar strain of malicious software Sandworm used to cut power in Ukraine in 2016.

An attack on Ukraine's critical infrastructure might have been carried out to advance Moscow's military goals since Russia invaded Ukraine on the night of February 24.

According to the United Nations, the Russian invasion of Ukraine has created the 'fastest-growing refugee crisis in Europe since World War II.' Over 10 million people were displaced due to the conflict, with over 4.5 million fleeing the country.

Witness testimonies from Ukrainian towns Russian forces have occupied for close to a month point to severe human rights violations and targeted lethal attacks against civilians.

Reports of "gross and systematic violations and abuses of human rights" got Russia suspended from the UN Human Rights Council.


More from Cybernews:

Black-hat hackers: bad to the bone or just victims of society?

Serious hackers – or just a bunch of script kiddies?

The US confirms seizing RaidForums website, its owner - arrested

War in space: could Russia attack target 'unfriendly' commercial satellites? – interview

Meta is launching tests to create money-making opportunities in the metaverse

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are marked