Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

Hackers Shut Down Heating in Ukrainian City With Malware, Researchers Say (techcrunch.com) 14

An anonymous reader shares a report: For two days in mid-January, some Ukrainians in the city of Lviv had to live without central heating and suffer freezing temperatures because of a cyberattack against a municipal energy company, security researchers and Ukrainian authorities have since concluded. On Tuesday, the cybersecurity company Dragos published a report with details about a new malware dubbed FrostyGoop, which the company says is designed to target industrial control systems -- in this particular case, specifically against a type of heating system controller. Dragos researchers wrote in their report that they first detected the malware in April. At that point, Dragos did not have more information on FrostyGoop apart from the malware sample, and believed it was only used for testing.

Later on, however, Ukrainian authorities warned Dragos that they had found evidence that the malware was actively used in a cyberattack in Lviv during the late evening of January 22 through January 23. "And that resulted in the loss of heating to over 600 apartment buildings for almost 48 hours," said Mark "Magpie" Graham, a researcher at Dragos, during a call with reporters briefed on the report prior to its release. Dragos researchers Graham, Kyle O'Meara, and Carolyn Ahlers wrote in the report that "remediation of the incident took almost two days, during which time the civilian population had to endure sub-zero temperatures." This is the third known outage linked to cyberattacks to hit Ukrainians in recent years.

This discussion has been archived. No new comments can be posted.

Hackers Shut Down Heating in Ukrainian City With Malware, Researchers Say

Comments Filter:
  • Two days is a long time without heating, but I'm impressed how quickly this was fixed, kudos to to the good guys involved.

  • Before the 'net was a thing, they managed to operate public and private utilities and systems and governments well with little more than wireline phones. Infrastructure of all sorts, the same. I know having all of that stuff connected has a few advantages, but the more we surrender to the wild internet, nobody takes responsibility to say 'Stop!' We're trusting our lives to this stuff, trusting strings to secure the gates, and asking the threat actors to please don't mess with this? I'm pprofoundly grate
    • by Targon ( 17348 )

      Stupid people connect infrastructure and critical systems to the Internet instead of setting up dedicated fiber to link critical systems. The best security is where things are NOT all interconnected.

    • by zlives ( 2009072 )

      yeah but how then will we outsource support to remote call centers elsewhere. also i need to be able to facechat

Real Programmers don't eat quiche. They eat Twinkies and Szechwan food.

Working...