It’s not every day that someone turns off the electricity for more than half a million people just by sending an email. In fact, it had never happened until last month, when hackers tricked Ukrainian power plant employees into giving them access to industrial control systems, the equivalent of a switch that regulates electricity flow out of a power plant. Now the evidence increasingly points to Sandworm, a known group of Russian government-sponsored hackers, as the suspects holding the smoking gun.
Ukrainians living in the 700,000 homes that lost electricity for hours on Dec. 23 never could have known their blackout may have been the first ever caused by malicious software. BlackEnergy, a known form of malware that’s a Sandworm favorite, was found on the infected systems. Sandworm has previously targeted industrial control systems in Ukraine, the U.S. and NATO and has been identified as the likeliest perpetrator in this case.
“I doubt that it will usher in an era in which other countries begin to make widespread use of malicious code to produce electrical outages,” said Patrik Maldre, a research fellow in cyber policy at the International Center for Defense and Security, “but it could show that cyberthreat actors with connections to Russia are willing to do so.”
Read more: International Business Times