Ukraine Power Outage May Be the First One Caused By Hackers (arstechnica.com)
bricko notes a report on what appears to be the first power outage known to have been caused by hackers:
Highly destructive malware that infected at least three regional power authorities in Ukraine led to a power failure that left hundreds of thousands of homes without electricity last week, researchers said. ... On Monday, researchers from security firm iSIGHT Partners said they had obtained samples of the malicious code that infected at least three regional operators. They said the malware led to "destructive events" that in turn caused the blackout. If confirmed it would be the first known instance of someone using malware to generate a power outage.
Over the past year, the group behind BlackEnergy has slowly ramped up its destructive abilities. Late last year, according to an advisory from Ukraine's Computer Emergency Response Team, the KillDisk module of BlackEnergy infected media organizations in that country and led to the permanent loss of video and other content. The KillDisk that hit the Ukrainian power companies contained similar functions but was programmed to delete a much narrower set of data, ESET reported. KillDisk had also been updated to sabotage two computer processes, including a remote management platform associated with the ELTIMA Serial to Ethernet Connectors used in industrial control systems.
Hmm, organized hacking efforts that keep hitting important Ukrainian entities, with targeted code that can take out industrial systems... I can't imagine who could possibly be behind this.
Shiny New Australia.
i've said it once and i'll say it again: what the FUCK is wrong with people who think it's okay to put a country's critical infrastructure on the public internet AT ALL? there should be absolutely no way that power, water, gas, electricity or any kind of public utility should be even VAGUELY "internet connected". to anyone considering responding "but they might want to quotes manage quotes the infrastructure" then they should fucking well have a private closed-loop network or pay key emergency staff to live right next door to the infrastructure. there's a whole boat-load of long-range communications options that don't involve the public internet, which we *know* is wide-open to attack. any country that doesn't have laws in place which make it illegal for critical infrastructure to be on the public internet is quite literally asking for trouble. you don't leave the door to your house unlocked and then complain "but someone stole all my stuff!" - this is exactly the same thing.
By disrupting the electrical grid you aren't helping either side, and are actively putting people at risk.
Much in the same spirit as Russia bombing civilians in Syria, don't you think?
When all you have is a hammer, every problem starts to look like a thumb.