The document, which was written by the state-run Ukrainian Computer Emergency Response Team (CERT), describes at least two successful attack attempts, one of which began on March 19, just days after Ukraine joined Europe's power grid.
Whether they were successful or not, the cyberattacks on the Ukrainian power grid represent a dangerous continuation of Russia's aggression against Ukraine, carried out by a hacking group known as Sandworm, which the United States has identified as Unit 74455 of Russia's military intelligence agency.
The power system in Ukraine was disrupted in both 2015 and 2016 by hackers believed to be working for Russian intelligence. The 2016 incident was an automated attack that was carried out using a piece of software. The software found in the 2022 attacks has been dubbed Industroyer2 for its similarity to that earlier software.
Victor Zhora, the deputy head of the State Special Service for Digital Development, told reporters on Tuesday that they were dealing with an opponent who had been in cyberspace for eight years.
Analysts at ESET looked at the code of Industroyer2 to see its capabilities and goals. The hackers tried to destroy the computers that the Ukrainians use to control their grid. The power company's computers could not be used to bring power back online quickly.
The war has made it difficult for Ukrainians to regain control of their computers in the blink of an eye. It is not as easy to send a truck out to a substation when there are enemy tanks and soldiers nearby.
It doesn't make sense to hide when they are attacking Ukrainian hospitals and schools.
Because of Moscow's successful track record of cyberattacks, experts have been anticipating that Russia's hackers would show up and cause damage. The United States has been warning about Russia's actions as it struggles in the ground war with Ukraine.
The United States and the Ukrainians blamed Russian hackers for using multiple wipers during the war. The financial and government systems have been hit. Government websites have been rendered useless at key moments by denial of service attacks.
The most serious cyberattack in the war so far is the Industroyer2 attack. Ukrainian officials are working with Microsoft and other companies.
It is one of only a few incidents in which government-backed hackers have targeted industrial systems.
The first came to light in 2010, when it was revealed that malware known as Stuxnet had been crafted—reportedly by the United States and Israel—to sabotage Iran’s nuclear program. Russia-backed hackers have also reportedly launched multiple such campaigns against industrial targets in Ukraine, the United States, and Saudi Arabia.