The cyberattacks against the Ukrainian electric power industry continue. Background information on this story can be found in our recent publications:
BlackEnergy trojan strikes again: Attacks Ukrainian electric power industry
BlackEnergy by the SSHBearDoor: attacks against Ukrainian news media and electric industry
BlackEnergy and the Ukrainian power outage: What we really know
Recently we discovered a new wave of these attacks, where a number of electricity distribution companies in Ukraine were targeted again following the power outages in December. What’s particularly interesting is that the malware that was used this time is not BlackEnergy, which poses further questions about the perpetrators behind the ongoing operation. The malware is based on a freely-available open-source backdoor – something no one would expect from an alleged state-sponsored malware operator.
- Robert Lipovsky
- Cyber Security & e-Crime
- Posted On