Dive Brief:
- A blackout in Ukraine last month appears to be the first to have been caused by malware, Radio Free Europe / Radio Liberty reported.
- The blackout affected hundreds of thousands of homes and shut down at least three regional utilities.
- The Ukrainian Security Service blamed Russia for the outages, and the Energy Ministry in Kyiv has set up a commission to investigate the incident.
Dive Insight:
Experts have long said critical infrastructure is vulnerable to cyberattacks, and ESET, a Slovakian security software firm, confirmed that malware caused the Ukrainian blackout.
Robert Lipovsky, senior malware researcher at ESET, said the incident in Ukraine was "unprecedented."
"The alarming aspect of this attack was that the infection vector that the malware was getting in was phishing mail with a malicious attachment, which is quite a trivial way to get in," Lipovsky said. "It's alarming that it was so easy."
The outage, reported by a Ukrainian power company on December 23, left about half of the homes in the Ivano-Frankivsk region without electricity.
Some are concerned that the successful attack could prompt other countries to use similar tactics.
"If there is a determined attacker trained to get in and they have the sufficient resources and time and money to put the effort in, then they can" carry out similar cyberattacks, said Lipovsky.
Gib Sorebo, chief cybersecurity technologist at Leidos, recently pointed out in an RSA Conference post the importance of protecting against such attacks.
“We have experienced damage, extended power outages, and even deaths that can be attributed at least partly to computer malfunctions, albeit not as a result of a malicious actor directly causing that harm,” Sorebo said. “One could argue that if human errors, lack of maintenance and the lack of proper monitoring can cause such catastrophic results, the threat of a malicious hacker should be taken very seriously.”