Ukrainian Energy Sector Under Cyber Siege by Russian Hackers | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Critical Infrastructure Security
Cyberwarfare / Nation-State Attacks
Fraud Management & Cybercrime

Key Ukrainian Cyber Authority Warns of Spike in Cyberattacks on Energy Facilities

Ukrainian cyber defenders warn that Russian state hackers are targeting energy facilities. Pictured: destroyed a destroyed Ukrainian transformer shelled by Russian forces. (Image: Shutterstock)

Ukrainian cyber defenders issued an urgent warning that the nation’s energy sector is under severe threat from a wave of cyberattacks by Russian hackers amid growing fears of a large-scale offensive later this spring.

See Also: Freeing Public Security and Networking Talent to do more with Automation

Sandworm, the cyberwarfare unit of Russia’s military intelligence service known as “one of the widest and high severity cyber threats globally,” began targeting an estimated 20 enterprises across Ukraine’s energy, water and heating industries in March, according to Ukraine’s Computer Emergency Response Team.

Kyiv’s primary incident response team said the Russian threat actor successfully compromised at least three supply chains across the country since then through a backdoor dubbed “Kapeka.” The vulnerability, which was first discovered in 2022, allowed hackers to deploy malware known for attacks against water supply facilities, the report said (see: Likely Sandworm Hackers Using Novel Backdoor Kapeka).

The April warning comes as Ukrainian President Volodymyr Zelenskyy said his country is preparing for a major Russian offensive that could begin as soon as May. Russia has targeted Ukraine’s energy sector and power grid with cyber and physical attacks since its 2022 initiation of a war of conquest against its European neighbor. The attacks including a failed attempt to delete the entirety of the data belonging to numerous substations across Ukraine’s energy infrastructure in April of that year.

The Kremlin has also launched a wave of drone attacks targeting energy infrastructure across the country.

Russia’s preeminent cyber sabotage unit has quickly become notorious for its advanced hacking capabilities and targeting of critical infrastructure sectors in Ukraine and across the globe (see: The Global Menace of the Russian Sandworm Hacking Team). A recent Mandiant report called Sandworm a “flexible instrument of power capable of servicing Russia’s wide ranging national interests and ambitions, including efforts to undermine democratic processes globally.”

A separate report published in April by Ukraine’s Computer Emergency Response Team also warned that Sandworm was using popular messaging channels among Ukrainian soldiers to gain a tactical advantage on the battlefield (see: Report: Russian Hackers Targeting Ukrainian Soldiers on Apps).


Click Here For The Original Story From This Source.


National Cyber Security