CyberNews Briefs

Russia’s Sandworm hackers attempted a third blackout in Ukraine

Several years after the Russian state sponsored hacking group Sandworm targeted an electrical transmission station north of Kyiv in 2016, the hackers are targeting Ukraine’s industrial grid again. In 2016, Russian hackers used a unique, automated piece of code to interact directly with circuit breakers and shut off lights to a small portion of its capital city. This month, the Ukrainian Computer Emergency Response Team (CERT-UA) reported that the Sandworm hacking group had targeted high-voltage electrical substations in Ukraine.

The group allegedly used a variation of a piece of malware called Industroyer. Cybersecurity firm ESET also released an advisory regarding the group, which has been confirmed to be Unit 74455 of Russia’s GRU military intelligence agency. The new malware can interact directly with the equipment in electrical utilities to deliver commands to substation devices that direct the flow of power. This means that Russia could be looking to attempt a third blackout in Ukraine amid its invasion of the country and ongoing conflict.

Read More: Russia’s Sandworm hackers attempted a third blackout in Ukraine

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.