Russian spies behind cyber attack on Ukraine power grid in 2022 - researchers
Reuters
Published Nov 09, 2023 03:07AM ET
Updated Nov 09, 2023 08:22AM ET
By James Pearson
LONDON (Reuters) -Russian cyber spies were behind a hack which disrupted part of Ukraine's power grid in late 2022 in a rare and advanced form of cyberwarfare, U.S. cybersecurity firm Mandiant, part of Google (NASDAQ:GOOGL), said in a report on Thursday.
Ukraine's SBU, the country's main intelligence agency, confirmed in a statement to Reuters that Russian hackers had struck a facility near its frontline with Russia.
Successful hacks against industrial control systems are relatively unique, with Russia being one of the few countries with the capability to carry out such cyberattacks.
“This attack represents the latest evolution in Russia’s cyber physical attack capability, which has been increasingly visible since Russia’s invasion of Ukraine,” said the report, which did not identify the specific facility against which the attack had been carried out.
Last October, a massive wave of Russian missile strikes on Ukraine's power network caused blackouts in many parts of the country, prompting Kyiv to halt power exports and leaving four regions temporarily without electricity.
The hacking group, known in cybersecurity research circles by the moniker “Sandworm”, was able to cause a power cut in an unidentified area of Ukraine by tripping circuit breakers at an electrical substation at the same time as the missile strike, the report said. The group then deployed data-wiping malware in a bid to cover their tracks, the report added.
Sandworm has been previously identified as a cyberwarfare unit of Russia’s GRU military intelligence agency.
Russia’s foreign ministry did not respond to a request for comment. The GRU could not be reached for comment.
Ukraine’s foreign ministry did not provide comment.
The SBU said Sandworm was behind the cyberattack and that the group was staffed by GRU officers. The attack was likely carried out to maximise the impact of Russian missile strikes, Illia Vitiuk, head of the agency's cybersecurity department, said in a statement.
Sandworm hackers rose to prominence in 2015 after a separate cyberattack against Ukraine’s power grid, which cut off power for around 255,000 people. The disruptive digital intrusion was widely considered to be one of the first known successful cyberattacks against a power network.
Get The News You Want
“There have only been a handful of incidents similar to this, with the majority carried out by Sandworm,” Mandiant analyst Nathan Brubaker said.
Written By: Reuters
Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.