
"Two days before Christmas that year, Russian hackers planted a unique specimen of malware in the network of Ukraine's national grid operator, Ukrenergo. Just before midnight, they used it to open every circuit breaker in a transmission station north of Kyiv. The result was one of the most dramatic attacks in Russia's years-long cyberwar against its western neighbor, an unprecedented, automated blackout across a broad swath of Ukraine's capital."
"Researchers at the industrial-control system cybersecurity firm Dragos have reconstructed a timeline of the 2016 blackout attack [PDF] based on a reexamination of the malware's code and network logs pulled from Ukrenergo's systems. They say that hackers intended not merely to cause a short-lived disruption of the Ukrainian grid but to inflict lasting damage that could have led to power outages for weeks or even months."
The December 2016 cyberattack installed specialized malware in the network of the national grid operator Ukrenergo and commanded every circuit breaker in a transmission station north of Kyiv to open, producing an automated blackout across large parts of Kyiv. Operators restored power within an hour, but post-incident examination of the malware's code and network logs indicates the malware contained destructive routines capable of physically damaging equipment and causing outages lasting weeks or months. The destructive routines appear designed to activate not during the initial blackout but when operators attempted system restoration, using recovery procedures as the trigger to inflict lasting hardware damage.
Read at Ars Technica