Investigators suspected hackers of causing the electricity cutoff in Kiev

13 June 2017, 13:55 | Incidents 

The hacker group Electrum was involved in the December 2016 attack on the power system of Ukrenergo, according to a report by information security experts at Dragos. According to the researchers, this group is directly connected with the hacker group Sandworm Team, which has repeatedly been accused of working for the Russian special services.

As stated in the report, the hackers created malware called Crash Override, whose main task is to attack power systems. With a little refinement, Crash Override is capable of attacking the power systems of not only Ukraine but also European countries and, theoretically, vulnerable infrastructure in the USA.

Dragos conducted its analysis of Crash Override together with the Slovak antivirus manufacturer ESET. The study says that the malware can attack multiple power substations at once, but by its nature it can cause only temporary interruptions to the electricity supply, which can last several hours or days, but not weeks.

The report also examines in detail how an attack with Crash Override works technically. You can read the report here.

On December 17, 2016, there were electricity interruptions in Kiev due to a failure at one of the substations. In some areas of the Ukrainian capital, there was no electricity for about an hour and a half. Ukrenergo linked the power outages to hacker attacks.

As early as January 2017, cybersecurity experts suggested that the cause of the failure was a hacker attack, similar to the failure that occurred in the Ivano-Frankivsk region in 2015.

Presumably, the hackers in December 2016 did not intend to inflict serious damage, but were testing the system.

In December 2015, a significant part of the Ivano-Frankivsk region experienced power outages. The Security Service of Ukraine said the cause of the interruption was cyberattacks by Russia.

