Slashdot Mirror


Hackers of Ukrainian Utilities Probably Hit Mining and Railroad Targets, Too (csoonline.com)

itwbennett writes: Trend Micro said Thursday that its latest technical research shows that the same malware — dubbed BlackEnergy and KillDisk — were likely used in attacks on a mining company and a railway operator that preceded the devastating power-company hacks and that those earlier attacks may have been test runs. 'The malware used in the attacks, known as Black Energy, has been linked by the security firm iSight Partners to a group nicknamed the Sandworm Team, which is suspected to be from Russia,' writes Jeremy Kirk.

21 comments

  1. What's the best time for a robbery? by koan · · Score: 1

    When there's no electricity.

    --
    "If any question why we died, Tell them because our fathers lied."
    1. Re:What's the best time for a robbery? by KGIII · · Score: 1

      I like learning the history of old towns and I often find books that have recounting of old happenings from historical societies. I have one such book about a town in Livermore Falls, Maine. I don't have it with me and it's probably not something you can order online. It's fairly interesting. Well, I think so.

      It seems that at one time, back in the 1930s, they built a bank in town. The thing is, the bank was on one side of the railroad tracks and the cops were on the other side of the railroad tracks. Every day, a train would drive up to the Otis Paper Mill and be there long enough so that there were no roads available for the cops to get to the bank - for a couple of hours. You can probably see where this is going.

      So, they robbed the bank. Sure enough, they got away with this a few times. Then the cops started putting an officer over at the bank when the train was due. Except they didn't really have a lot of police officers. So, somebody would slow the train down and the cop would have to leave, then the timing was right to rob the bank. Then, like a bad movie, someone stole the police car which, of course, made the cops follow them - except the train wasn't in place at the time and the only other cruiser was able to go to that side of the tracks and off they went to get their police car back.

      Now, being clever Mainers, they proceeded to leave the car not very far on the other side of the river and the cops were able to find it and go back to the station but they now had to wait for the train to pass, only to find out that while they were getting their car back, someone had robbed the bank and crossed to the other side of it and gotten away over on that side.

      Finally, things settled down and everything is going well and nobody had robbed the bank. So, the police go back to policing and, sure enough, somebody robs the bank because they no longer station an officer there. This happens sporadically until the 1950s when the bank finally moved to the other side of the tracks.

      So, I guess the best time to rob a bank is when there's a train between you and the cop station.

      If I understand it correctly, there's still *technically* a reward out for information leading to the conviction/apprehension of the thief or thieves. Rumors suggest that it was actually a number of people, not necessarily associated, who took turns robbing the Livermore Falls Bank.

      --
      "So long and thanks for all the fish."
  2. Do you believe this crap? by tetraverse · · Score: 3, Insightful

    First off, the Ukraine power cuts were caused by old-fashioned sabotage. Secondly, no amount of malware can knock out the power generators as they are not controlled by SCADA units running Microsoft Windows and directly connected to the Internet. ref
    --

    PROTHERO: Do you believe this crap, Dascombe?

    DASCOMBE: It's not our job to believe it, Lewis. Our job is to tell the people --

    PROTHERO: "Exactly what they tell us." I know, but do you think that people will believe it?

    DASCOMBE: They will if it's you that's telling it to them. Now let's try it again.

    1. Re:Do you believe this crap? by Anonymous Coward · · Score: 0

      How do you know the truth of the second sentence of your post?

      Just being curious.

    2. Re:Do you believe this crap? by Anonymous Coward · · Score: 2, Informative

      Your link is to a Crimea power outage in November. This is about an outage in Ukraine in December. You're the one spewing crap.

    3. Re:Do you believe this crap? by Anonymous Coward · · Score: 0

      Because you can't compromise any system that isn't Windows.

    4. Re:Do you believe this crap? by nemyax · · Score: 1

      Your link is to a Crimea power outage in November. This is about an outage in Ukraine in December.

      The December attacks didn't come out of the blue. They came after Ukrainian nationalists blew up the power lines running to Crimea (and a couple of Ukrainian towns while they were at it) in November, causing a near-total blackout. Russia has provided a power line since, and there's another one in the works, but the peninsula is still short on electricity.

    5. Re:Do you believe this crap? by rtb61 · · Score: 1

      Really it is all about corruption gone out of control. The likely reality most of the hacking was simply insider actions paid for by outside interests, outside of those companies far more than outside of that country. For reasons of simple petty revenge, economic advantage by crippling competitors or protection and extortion rackets. Yeah Ukraine government was a corrupt spos (which is why Russia was so happy to see it gone, regardless of any public claims they make) prior to US-led insurrection and the insurrection succeeded because of the corruption and lo and behold the corruption that was fuelled to drive the insurrection is now worse than it was before because yeah the US government spent 5 billion dollars fuelling it and now it is a fire out of control. Shh, don't tell anyone but the reason the Polish government wants US troops is not because of its eastern border (not that it is particularly comfortable with that one) but because of its southern border (it is really uncomfortable about that one, something to do with celebrating a 'Ukrainian war hero?!?' who mass murdered Polish people, who the fuck would not be uncomfortable about that, they are just not allowed to say anything publicly under instructions from the US otherwise no protection and something might happen if they have no protection).

      --
      Chaos - everything, everywhere, everywhen
    6. Re:Do you believe this crap? by nemyax · · Score: 2

      Yeah Ukraine government was a corrupt spos (which is why Russia was so happy to see it gone, regardless of any public claims they make)

      These particular claims were quite sincere, and the Russian authorities really weren't chuffed about the situation. They didn't have a problem with someone being corrupt; what kind of problem is that? On the contrary, if your puppet is a greedy mofo, it's a chance for you to share in their lucrative little schemes.

    7. Re:Do you believe this crap? by rtb61 · · Score: 1

      You kind of have to think back to the Soviet era. Decades upon decades of claims that they were wonderful and perfect and all of its member countries were wonderful and perfect. Hence a deeply flawed false image was created about the nature of those countries. The Soviet Union spent decades making the Ukraine look better than it actually was. How bad was it, the Soviet Union had to slice bits off Russia and shove it into the Ukraine in order to try and stabilise it, think about that, for a moment. Russia had to slice off parts of Russia and give them away, to prevent the Ukraine from collapsing into exactly what it is collapsing into today (really great PR job by the Soviet Union, decades later that still had the EU believing it).

      --
      Chaos - everything, everywhere, everywhen
    8. Re:Do you believe this crap? by Anonymous Coward · · Score: 0

      Your link is to a Crimea power outage in November. This is about an outage in Ukraine in December.

      The December attacks didn't come out of the blue. They came after Ukrainian nationalists blew up the power lines running to Crimea (and a couple of Ukrainian towns while they were at it) in November, causing a near-total blackout. Russia has provided a power line since, and there's another one in the works, but the peninsula is still short on electricity.

      Exactly this. Funny how you never see anything about Ukraine's initial threats (and follow-through) to cut power to Crimea completely unprovoked after a reasonably long period of truce in that conflict. It was stated many many times in non-US media that the hacks on Ukraine were in retaliation for this, yet you never seem to hear anything about that in our news.
      I have friends who are from Ukraine and friends who actually live there, including in Kiev. They say that the "revolution" was basically an armed takeover by a political group who definitely did not have popular support. They've literally fled for their lives and/or moved their families to safer locations.
      It's a fact that:
      -Ukraine's new government has links to fascist neo-Nazi groups and literally parades fascist/neo-Nazi flags and other imagery during official parades
      -Western media has been VERY strongly hiding anything that makes Ukraine's government look bad and has been demonizing the Crimean secession groups and Russia's government by selectively reporting news and portraying all of their actions in the worst possible light
      -Crimea overwhelmingly voted to be part of Russia; talk to people who actually live there and see how they feel about it. Don't rely on what you hear on CNN, etc
      -The US has a bizarrely intense interest in protecting Ukraine by providing training to their military, more so than ever in the past and much more intensely after the "revolution"

      It's quite clear that the US had a part in overturning the Ukrainian government and is now trying to back them up in any way possible, including supporting their military and putting the media propaganda machine to work spinning any conflict between Ukraine and Russia as solely Russia's fault.
      I'm not saying Russia doesn't have a lot to answer for (they do) but lies are lies and bulls*** is bulls***. I find this blatant propaganda campaign on the part of our media services and government distasteful at best and unnerving at worst. Provoking Russia for no good reason at all seems to be a main strategy of this administration and it makes no sense at all... no one wants WW3 or anything even close to it. We had reasonably good relations with Russia before this Ukraine nonsense, now all of that is destroyed.

      FTR, I'm an American and I'm not Russian in any way. I study Russian as a side hobby just out of personal interest in languages. I'm also a US Army veteran and I am entirely loyal to the constitution of this country. I just think that provoking another major world power for literally no good reason at all is irresponsible at best and incredibly stupid at worst and risks the lives of the citizens and the soldiers who stand to protect them.

    9. Re:Do you believe this crap? by nemyax · · Score: 1

      Funny how you never see anything about Ukraine's initial threats (and follow-through) to cut power to Crimea completely unprovoked after a reasonably long period of truce in that conflict.

      The saddest thing about this is not the sabotage itself, but how Russia made a shambles of maintaining the region it had taken. The Russian authorities were well aware of the blackout threats and knew full well that the neo-Nazi scum were capable of carrying them out with the connivance of the Yatsenyuk government. Yet in one and a half years no one lifted a fucking finger to reroute the Crimean power grid until it was too late. They preferred going through their usual thieving motions with their heads up their arses.

  3. Yep, Russia did it by Anonymous Coward · · Score: 3, Insightful

    Really, Russia. No evidence, but it's Russia.

    Man, Slashdot sounding more and more like joining the rest of the presstitute media. Stick to reporting FACTS.

    1. Re:Yep, Russia did it by Anonymous Coward · · Score: 0

      While the BlackEnergy malware may have Russian origins and is commonly associated with a (supposedly) Russian malware group, there is actually no definitive proof for this. This malware family has undergone a significant evolution throughout its lifetime – the source code of the very old first version has even leaked online and there are a number of versions of it being used in the wild. There is no definite way of telling whether the BlackEnergy malware is currently operated by a single group or several.

    2. Re:Yep, Russia did it by lhowaf · · Score: 1, Troll

      There IS evidence but it hasn't been brought forward because there's no real upside to getting dead.

    3. Re:Yep, Russia did it by whodunit · · Score: 0

      Found the Putin shill!

  4. If not Russia who else? by Anonymous Coward · · Score: 1, Insightful

    Given the motives currently known about and the limitations of available qualified workers we have 3 reasonable options for who did it
    1. Russia to hurt their "enemies"
    2. Russian associated "patriot" crackers from a large sized criminal organisation, to hurt their nation's "enemies"
    3. Opposing governments who want Russia to be blamed for this action

    Given the risks involved in 3 and the way it would raise the stakes in terms of retaliation 1&2 seem much more likely than 3.
    Do you have real reasons to conclude differently? If so, what are they?

    1. Re:If not Russia who else? by Anonymous Coward · · Score: 0

      Given the motives currently known about and the limitations of available qualified workers we have 3 reasonable options for who did it
      1. Russia to hurt their "enemies"
      2. Russian associated "patriot" crackers from a large sized criminal organisation, to hurt their nation's "enemies"
      3. Opposing governments who want Russia to be blamed for this action

      Given the risks involved in 3 and the way it would raise the stakes in terms of retaliation 1&2 seem much more likely than 3.
      Do you have real reasons to conclude differently? If so, what are they?

      But the power is shut off to the Crimea which is under Russian control. It doesn't make sense that Russia would sabotage an area under its sphere of influence.

    2. Re:If not Russia who else? by jeneag · · Score: 2

      How about point #4.

      #4 Ukrainian government did it in order to gain more hatred towards Russia from Ukrainian people and justify obligatory military drafts. They also did it because US-installed coup government feels that world is tired of them whining and begging for money, and by doing so they can once again say that Russia is an aggressor that declared war on Ukraine.

      Given the dire situation in Ukraine, where people now earn less than the poorest countries in Africa, the only drum they can beat on day in and day out has a label on it "It's because of Russia!"