Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ukraine Power Station Outage -- Enabled By Malware, But Not Caused By Malware (sans.org)

Posted by Soulskill on from the splitting-malhairs dept.

itwbennett writes: A new study of a recent cyberattack against Ukrainian power companies suggests malware didn't directly cause the outages that affected at least 80,000 customers. While malware was used to gain access to networks, the attackers then opened circuit breakers that cut power, according to information published Saturday by the SANS Industrial Control Systems (ICS) team. The attackers used direct intervention to try to mask their actions to the power systems operators and also conducted denial-of-service attacks on the utilities' phone systems to block complaints from affected customers, SANS said.

5 of 35 comments (clear)

  1. Sheesh by Ol+Olsoc · · Score: 2
    A very fine sharp dividing line here.

    Yes your honor, I stabbed the victim a hundred times. But it wasn't me - it was the knife that did the cutting.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    1. Re:Sheesh by aicrules · · Score: 4, Insightful

      It's more like if you leave a shim in a door on your way out of a light bulb plant, then later come back and use that door to gain access and then proceed to smash hundreds of bulbs. The shim wasn't what destroyed the light bulbs, but it sure did come in handy to let you do it when you wanted to. If the shim placed in the door then sprung to life at a predetermined time and went about smashing bulbs on its own, then that would be akin to what they were originally thinking. Overall it doesn't matter too much to the crime committed, but from a technological standpoint it means the malware had less complex behavior built into it than they were giving it credit for.

  2. Re:I think that's the stupidest summary ever. by plover · · Score: 2

    It wasn't the summary's fault. It's an accurate summary of a really stupid article. But it's in CSO Online magazine, so consider the audience is not the sharpest technical group. To them, it's all technobabble.

    --
    John
  3. Re:Probably russian hackers by Fire_Wraith · · Score: 3, Interesting

    Even Putin isn't indiscriminately using force in any of the conflicts in the Ukraine. Even if no one believes that "it's really just the separatists, not Russian troops pretending to be separatists" bit, it's an important fig leaf of plausible deniability. Putin still seems to feel it's important to be able to pretend to be doing this stuff.

    And it would be the same with this. Assuming the Russians were behind it, they'd likely be using this method in part because it obscures their connection to the point that, despite everyone thinking they did it, no one can prove it beyond a reasonable doubt. Which, if you think about it, is sort of the best of both worlds. You get the intimidation factor that comes with people not wanting to mess with you, but also without the consequences of having gotten caught doing it.

  4. Re:Ukraine is weak by phantomfive · · Score: 2

    When Ukraine traded it's nuclear weapons for a promise that Russia respect it's territory, they made a bad deal.

    They basically had no choice unless they wanted to be completely isolated by the rest of the world. The east and west were both united against them on that point.
    Maybe they could have gotten a better deal if Donald Trump were negotiating for them, after all, he's the world's best negotiator, but there is no way they were keeping their nuclear weapons.

    --
    "First they came for the slanderers and i said nothing."