Tuesday, January 5, 2016

Malware on power grid results in Ukraine blackout

If confirmed, the latest major security breach and first energy infrastructure cyberattack occurred just before Christmas, on the 23rd. Three power authorities in Ukraine suffered blackouts affecting hundreds of homes in the Ivano-Frankivsk region when apparent malware infected the power grid and disconnected electrical substations. The malicious code, identified as far back as 2007 and related to the BlackEnergy malware family, along with a KillDisk component delivered by a backdoor, has been evolving through 2015 (in the Ukrainian news media and electrical power industry). Apparently this variant may have been tied to embedded macro functionality in Microsoft Office. There is also speculation that Russian-sponsored hackers were involved, perhaps because of a prior Kaspersky report/research in 2014, or a physical outage that occurred in Russia in 2014 for which Ukraine was blamed… That said, cybersecurity is as much a priority for the energy industry as it is for government and corporate / private sector data, which may define 2016.
Article sources: forbes.com for the incident recap and securelist.com for BlackEnergy specs.
