Menu
Russian group suspected to be linked to Ukraine power station cyberattack

Russian group suspected to be linked to Ukraine power station cyberattack

iSight Partners says the Sandworm team is likely involved

A cyberattack that knocked out power in the Ukraine last month is believed to have been initiated by a hacking group with strong Russian interests.

iSight Partners, a cybersecurity firm headquartered in Dallas, wrote on Thursday that a group called Sandworm was likely involved.

The link was made after a study of a malware sample called KillDisk and a related one used by Sandworm in the past called BlackEnergy 3, wrote John Hultquist, director of cyberespionage analysis at iSight Partners.

Another security company, Eset, wrote in a post last week that samples of BlackEnergy have carried the KillDisk component, which overwrites or deletes files.

Ukraine's CERT wrote in November that media in the country had been targeted by BlackEnergy around the time local elections were held.

iSight Partners first described Sandworm in October 2014, and since then several other security vendors have written about its activities.

The group has targeted NATO, western and Ukrainian government organizations and energy companies, according to an iSight document published by the Washington Post.

The latest attack, which occurred on Dec. 23 at a facility run by the service provider Prykarpattyaoblenergo, cut power to 80,000 customers for six hours, according to Reuters, which cited a report from a U.S. energy industry security group.

The attack has raised widespread concern as security experts have warned for years of the vulnerability of industrial control systems used by the energy industry.

"A cyberattack of this nature is a milestone – although a predictable one," Hultquist wrote. "The aggressive nature of Sandworm team’s previous activity in Europe and the United States exposed their interest in targeting critical systems and indicated preparation for cyber attack."

Tension have remained high between the Ukraine and Russia since the latter forcibly annexed Crimea in 2014.

Subscribe here for up-to-date channel news

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Featured

Slideshows

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

​Ingram Micro’s Hooked on Lenovo incentive programme recently rewarded 28 of New Zealand's top performing resellers with a full-on fishing trip at Great Barrier Island for the third year​ in a row.

Tight lines as Hooked on Lenovo catches up at Great Barrier Island
Inside the AWS Summit in Sydney

Inside the AWS Summit in Sydney

As the dust settles on the 2017 AWS Summit in Sydney, ARN looks back an action packed two-day event, covering global keynote presentations, 80 breakout sessions on the latest technology solutions, and channel focused tracks involving local cloud stories and insights.

Inside the AWS Summit in Sydney
Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Ingram Micro hosted its third annual Cure Kids Charity Golf Tournament at the North Shore Golf Club in Auckland. In total, 131 resellers, vendors and Ingram Micro suppliers enjoyed a round of golf consisting of challenges on each of the 18 sponsored holes, with Team Philips taking out the top honours.

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day
Show Comments