While there is no suggestion the Russian government is involved, the attacks have occurred during a period of bad relations between Ukraine and Russia.
Advertisement
Ukraine has alleged a cyberattack on its main airport was launched from a computer server in Russian Federation.
BlackEnergy was first deployed by cybercriminals in 2007 but, as the conflict between Russian Federation and Ukraine dramatically intensified, a new version of the virus was discovered targeting Ukrainian government officials.
“In connection with the case in Boryspil, the ministry intends to initiate a review of anti-virus databases in the companies which are under the responsibility of the ministry”, said Irina Kustovska, a spokeswoman for Ukraine’s infrastructure ministry, which oversees airports, railways and ports. The malware doesn’t appear to have been activated or done any tangible damage to the airport itself.
The country’s state-run Computer Emergency Response Team (CERT-UA) said Kiev’s Boryspil airport was subjected to an assault last week that included an attack on the network’s air traffic control computers. There are some signs that the attacks are linked, she said.
CERTA-UA released a statement recommending system administrators check information traffic and log-in files.
On December 23rd, electricity was cut for six hours to about 80,000 people in and around Ivano-Frankivsk, a city of some 230,000 people about 200km from the Polish border.
Three regional power firms in December suffered short-term blackouts due to malicious software in their networks, Hacked reported. This attack led to power outages throughout the country.
Ukraine’s security service blamed the incident on its counterpart in Russian Federation, while global computer experts said the attack raised the prospect of more frequent and damaging attacks by shadowy groups on civilian infrastructure.
A USA cyber intelligence firm recently traced the attack back to a Moscow-backed group known as Sandworm.
Advertisement
Featured image from Shutterstock.
