Malware Targeting Ukraine Power Grids

Tuesday, January 5, 2016 @ 05:01 PM gHale

Power grids are under attack in Ukraine: a group is using the BlackEnergy malware family in attacks aimed at news media and electrical power organizations, researchers said.

The BlackEnergy malware, which has its roots in Russia, was discovered in 2007 and has been used in targeted attacks, including ones aimed at Ukrainian government organizations and critical infrastructure companies in the United States, said researchers at security company ESET.

ESET has been monitoring attacks involving the threat and discovered the Trojan was used to target news media and electrical power companies in Ukraine.

The ESET discovery comes days after Ukraine’s security service, the SBU, accused Russian special services of planting malware on the networks of several regional power companies. The agency also said attackers flooded the targeted firms’ technical support phone lines.

Ukrainian power company Prykarpattyaoblenergo blamed some recent power outages in the Ivano-Frankivsk Oblast region on outsiders who remotely tampered with automatic control systems.

ESET confirmed the attacks reported by Ukrainian authorities and power companies do have a connection. ESET published a blog post detailing the connection.

Prykarpattyaoblenergo was not the only company targeted but, as in most cases, most of the other victims don’t want to disclose the attacks just yet.