Suspected Russian cyberattack that hit Ukrainian power plant strikes major airport
The Russian government may not have conducted the attack, but it likely encouraged it.
“In connection with the case [at Kiev’s major airport] Boryspil, the ministry intends to initiate a review of anti-virus databases in the companies which are under the responsibility of the ministry,” an infrastructure ministry spokeswoman told Reuters.
The malware found in the airport computer network—which includes air-traffic control functions—is reportedly similar to the malicious code found in a Ukrainian power plant that suffered a major outage on Dec. 23. Ukrainian authorities have blamed Russian hackers for that outage. The malware, called BlackEnergy, is the work of an ethnic Russian hacker group called Sandworm.
A military spokesman told Reuters that the malware was being directed from a server located in Russia. Because Ukraine detected it in the airport computers quickly enough, it did not have time to damage the system.
The infrastructure ministry did not respond to a request for comment.
The U.S. Cyber Emergency Readiness Team (US-CERT) is assisting Ukraine’s CERT in investigating the late December power outage, which occurred in the western part of the country. Several American cybersecurity firms have concluded that the BlackEnergy malware was responsible, making the incident the first time a digital attack has resulted in a power blackout.
The attack raises the specter of low-level cyberwar in a world that largely lacks the legal regime to handle such conflict.
Scott Borg, the director of the U.S. Cyber Consequences Unit, a private research firm, said that independent “cyber militias,” and not the Russian government itself, were responsible for the BlackEnergy attacks.
“The Russian government has regularly been able to influence the timing and choice of targets by ethnically Russian civilian cyber militias without becoming directly involved in their actions,” Borg said in an email.
“There have even been cases where the ethnically Russian attackers went after targets, such as banks, when they believed that the Russian government would support these attacks, but when the Russian government may actually have been surprised by the resulting cyber campaigns,” he said. “This is suggested by the apparent confusion of the Russian government when it was accused of supporting some of these cyber actions.”
Ethnic Russian hacking groups have targeted Ukrainian computer systems on and off since Russia invaded Crimea in early 2014. Russian cyber criminals also used computer attacks to supplement the government’s military action during the 2008 Russo-Georgian War.
“Hacker talent over the last few years has increasingly focused on industrial control systems and other kinds of operational systems,” Borg said. “It has been many years since the brightest young hacker minds were interested in things like botnets.”
Photo via Aero Icarus/Flickr (CC BY 2.0) | Remix by Jason Reed
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.