Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid

2022-04-12 18:01

The Computer Emergency Response Team of Ukraine, with the help of ESET and Microsoft security experts, has thwarted a cyber attack by the Sandworm hackers, who tried to shut down electrical substations run by an energy provider in Ukraine.

"We assess with high confidence that the attackers used a new version of the Industroyer malware, which was used in 2016 to cut power in Ukraine."

"We assess with high confidence that the APT group Sandworm is responsible for this new attack," ESET researchers stated.

The Sandworm is believed to be part of a Russian military unit, and among their many past attacks have been those aimed at Ukrainian companies in the energy, media, financial and other sectors.

This latest attempted attack against the Ukrainian energy grid was likely made to support the Russian military campaign in Ukraine.

"It seems like planning for the electrical grid attack started after it became clear that the invasion plan had failed. This indicates that the reason the electrical grid was not part of the initial plan was a strategic decision, not because of Russian disregard for offensive cyber capacity," infosec researcher The Grugq opined.

News URL

https://www.helpnetsecurity.com/2022/04/12/sandworm-ukraine/

#hacker #ukraine

News URL

Related news