close
    • chevron_right

      Russian Cyberattack against Ukrainian Power Grid Prevented

      Bruce Schneier · news.movim.eu / Schneier · Wednesday, 13 April, 2022 - 16:27

    A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used.

    Key points:

    • ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company
    • The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two weeks
    • The attack used ICS-capable malware and regular disk wipers for Windows, Linux and Solaris operating systems
    • We assess with high confidence that the attackers used a new version of the Industroyer malware, which was used in 2016 to cut power in Ukraine
    • We assess with high confidence that the APT group Sandworm is responsible for this new attack

    News article .

    EDITED TO ADD: Better news coverage from Wired .