This week Ukraine accused Russia of cyber attacks against its critical infrastructure, including power grid and financial systems. State-sponsored hackers used a new strain of malware that targets industrial processes, the malicious code looked like it was designed by the same threat actor behind the notorious BlackEnergy malware.
“Oleksandr Tkachuk, Ukraine’s security service chief of staff, said at a press conference that the attacks were orchestrated by the Russian security service with help from private software firms and criminal hackers, and looked like they were designed by the same people who created malware known as ‘BlackEnergy.'” reported the Reuters news Agency.
Tkachuk revealed that the malware used in the attacks was designed to attack specific industrial processes.
“As an example, he said that the code included modules that sought to harm equipment inside the electric grid.” reported the Reuters.
“Russian hackers and infobots become an important tool of the aggression against our country,” Tkachuk said.
The Russian Government has repeatedly denied accusations from the Ukrainian authorities that blames Moscow for cyber attacks against its infrastructure. The number of cyber attacks rapidly increased following the 2014 Crimean crisis.
According to the Ukrainian Government, Russian hackers launched 6,500 cyber attacks against its network in November and December alone. Kiev blamed Russian hackers for the power outage it has suffered in December. Hackers also targeted the defense and finance ministries and the State Treasury.
“There is a global cyber war of Russia against (the) whole world,” President Petro Poroshenko told Reuters in an interview in January at the World Economic Forum in Davos.
Tkachuk explained that the cyber attacks leverage the Telebots to infect computers that control infrastructure.
In December 2016, researchers from security firm ESET discovered that the BlackEnergy hacker group that targeted the Ukrainian grid one year ago, now identified as TeleBots, are targeting Ukrainian banks.
On Wednesday, cyber security experts at CyberX announced the discovery of a separate cyber espionage campaign in Ukraine that had compromised more than 60 victims, including an energy ministry, a scientific research institute and a firm that designs remote monitoring systems for oil & gas pipelines.
(Security Affairs – TeleBots , Ukraine)