Image: Mykola Tys/SOPA Images/LightRocket via Getty Images
The infamous Russian government hacking group known as Sandworm targeted a Ukrainian energy company with destructive malware, according to security researchers and Ukraine’s government. ;The attack used a piece of malware designed to target “high-voltage electrical substations in Ukraine,” according to cybersecurity firm ESET, which published a report on the attack on Tuesday. Ukraine’s Governmental Computer Emergency Response Team or CERT-UA, also published a statement regarding the attack, saying it had taken “urgent measures” to respond to it.
Advertisement
“The implementation of the malicious plan has so far been prevented,” according to an online translation of CERT-UA’s announcement. Researchers called the malware Industroyer2, in reference to malware that was used in late 2016 by the same hacking group against Ukraine’s energy grid. At the time, the attacks caused power outages in the country using malware that researchers called Industroyer or Crash Override. In this recent operation, Sandworm also used “several destructive malware families” designed to wipe computer systems. Some of this malware had already been deployed against a Ukrainian bank last week, according to ESET. Since the beginning of Russia’s invasion into Ukraine, researchers at several cybersecurity companies said that Russian hackers have used several wipers against different targets in Ukraine. “Ukraine is once again at the center of cyberattacks targeting their critical infrastructure. This new Industroyer campaign follows multiple waves of wipers that have been targeting various sectors in Ukraine,” ESET wrote in its report.
Advertisement
Industroyer2 was specifically designed to target the industrial control system, or ICS, of a Ukrainian energy company, which was not named by ESET nor CERT-UA. The malware was capable of cutting the power, according to ESET.
ORIGINAL REPORTING ON EVERYTHING THAT MATTERS IN YOUR INBOX.
By signing up, you agree to the Terms of Use and Privacy Policy & to receive electronic communications from Vice Media Group, which may include marketing promotions, advertisements and sponsored content.