Ukraine Says Russian Cyberattack Sought To Shut Down Energy Grid (cnbc.com)
Russian military hackers tried and failed to attack Ukraine's energy infrastructure last week, the country's government and a major cybersecurity company said Tuesday. From a report: The attack was designed to infiltrate computers connected to multiple substations, then delete all files, which would shut that infrastructure down, according to Ukraine's summary of the incident. ESET, a Slovakia-based cybersecurity company working to help secure Ukrainian infrastructure, said in a summary of the attack that it was conducted by the same arm of Russia's military intelligence agency, GRU, that had previously successfully executed similar attacks in 2014 and 2015. In both of those incidents, some residents of Kyiv temporarily lost power. This attack had been planned for at least two weeks, ESET said. Since Russia began its invasion in February, Ukraine hasn't been hit by any attacks as visibly destructive as those previous hacks of Kyiv energy companies. But Ukraine has faced multiple so-called "wiper" attacks, including ones that have targeted computers in Ukraine's government, financial institutions and internet service providers. Those attacks also look to mass-delete files from hacked computers.
It would be surprising if they didn't try that (Score:2)
Russia has clearly invested a significant amount of time, money, and effort in developing a hacking apparatus, and they haven't been afraid to use it in the past. Why would they not be trying to use it now?
Re: (Score:2)
The GOP report itself does not provide evidence to back up the claim that became a talking point — and our reporting has unearthed the best explanation about what really happened. It’s a complicated story, involving a web of corporate entities, that eventually leads to the purchase of millions of dollars worth of real estate in Brooklyn by the Russian billionaire. We found no evidence that Hunter Biden was part of those transactions.
Re: It would be surprising if they didn't try that (Score:3)
Re: (Score:2, Insightful)
Cheaper to bring things back online after taking over the country than physically destroyed equipment?
Re: (Score:3)
As opposed to the leveling of towns and cities, or destruction of infrastructure they're doing now? There are some places, such as Mariupol, which will have to be razed to the ground and rebuilt from scratch because of Russia's deliberate bombings.
Re: (Score:2)
Does anyone in Russia think they can hold Donbas, Krim and the coast between them without permanent war? They cannot think that they can "take" that and not have to keep filling soldiers into the hole they're digging. That's an indefensible position. Russia won't ever be in a position to have to rebuild Ukrainian infrastructure, because this is an unwinnable war, with or without escalating to WW3.
Re: (Score:2)
"Does anyone in Russia think they can hold Donbas, Krim and the coast between them without permanent war?"
They could have held Donbas and Crimea, before the invasion. The war was dying down, and the people on both sides were done with it. Now it's not clear.
Re: (Score:1)
Re: (Score:2)
Why would they leave any method unused? The people firing the artillery aren't the same people that would be hacking their infrastructure.
Re: (Score:2)
It would seem that Russia's hacking apparatus is overrated.
In the past, they outsourced their hacking efforts to "independent" black hats working inside the country.
Air Gaps FTW (Score:5, Insightful)
Stop connecting critical infrastructure to the Internet and make sure that your SCADA infrastructure is maintained/maintainable and do not let unauthorized technicians or media anywhere near it!
There are zero-day vulnerabilities that are being exploited now that we won't know about unless they get discovered; assume that and let it be your guide. Be assured that Russia has paid clearing houses who research them and their own cyber espionage teams know about them. After all, the Soviets built their grid so it would be common knowledge to both sides on how to cripple their infrastructure in the most effective manner.
Russia needs to be isolated (Score:2)
No pun intended. The internet is not doing good inside Russia. Cut the lines. Yes, they're certainly going to keep attacking through jump hosts and whatnot, but it's going to be a lot harder with everything having to go through a few routes that must stay covert. Russia has to go sit in the corner for a couple of decades. Maybe they learn, maybe not. They can't participate the way they act now.
Makes me wonder... (Score:3)
This seems like a pretty blatant and unsophisticated kind of attack, and I'm sure the Russians are capable of much more stealth and subtlety. That makes me wonder if this was meant as a distraction from stealthier attacks that might give Russia actual control over the infrastructure rather than simply disabling or destroying it.
Re: (Score:2)
What makes you so sure that they are capable of stealthy and subtle attacks? So far during this war we've seen a military that people in the west thought was large and capable fail at nearly every level. From logistics, maintenance, tactics, air superiority, communications. It would almost be funny if they hadn't fallen back to brutality.
Against this backdrop, why would we still assume their hackers are any different?
Hack back (Score:1)
I doubt Russia's grid is top quality. Zap 'em back. Make Russians read by candle-light for tolerating their jerkass leader in starting the war.
(USA deserved similar for the Iraq WMD fiasco. We've had jerkass leaders also.)