New clues show how Russia's grid hackers aimed for physical destruction
Briefly

"For nearly three years, the December 2016 cyberattack on the Ukrainian power grid has presented a menacing puzzle. Two days before Christmas that year, Russian hackers planted a unique specimen of malware in the network of Ukraine's national grid operator, Ukrenergo. Just before midnight, they used it to open every circuit breaker in a transmission station north of Kyiv. The result was one of the most dramatic attacks in Russia's years-long cyberwar against its western neighbor, an unprecedented, automated blackout across a broad swath of Ukraine's capital."
"Researchers at the industrial-control system cybersecurity firm Dragos have reconstructed a timeline of the 2016 blackout attack [PDF] based on a reexamination of the malware's code and network logs pulled from Ukrenergo's systems. They say that hackers intended not merely to cause a short-lived disruption of the Ukrainian grid but to inflict lasting damage that could have led to power outages for weeks or even months."
Russian hackers planted unique malware inside Ukrenergo's network two days before Christmas 2016 and triggered it just before midnight to open every circuit breaker at a transmission station north of Kyiv. The triggered action produced an automated blackout across a broad swath of Kyiv, but operators restored power within an hour. A reconstruction of the timeline and code indicates the attackers intended not only disruption but also destructive damage that would manifest when operators re-energized equipment, potentially causing hardware failures and outages lasting weeks or months. The malware would join Stuxnet and Triton as rare code designed to physically destroy industrial control assets.
Read at Ars Technica