- Netflix adds Top 10 feature to showcase what’s popular 4 Years Ago
- YouTube permanently bans ‘news’ channel that said impeachment was ‘Jew coup’ 4 Years Ago
- FIFA pro banned from all EA games following threatening rant 4 Years Ago
- Lucasfilm announces new franchise of ‘Star Wars’ tie-in books and comics Today 9:33 AM
- YouTube yanks revenue from controversial star who faked his girlfriend’s death Today 9:26 AM
- Facebook can ignore misleading political ads. This Democrat wants to change that Today 9:08 AM
- How to watch tonight’s South Carolina 2020 Democratic presidential debate Today 8:41 AM
- What exactly is ‘too adult’ for Disney+? Today 7:02 AM
- How tall is Michael Bloomberg? Today 6:30 AM
- The ’24 hours to respond’ meme holds celebrities to a higher standard Monday 8:46 PM
- Twitter users miss the kids who walked in on their dad’s interview Monday 8:40 PM
- ‘The Thing About Men’ Twitter hashtag is full of sarcasm and misogyny Monday 7:27 PM
- This woman said Hillary Clinton losing the 2016 election gave her PTSD, and people are furious Monday 6:45 PM
- Vanessa Bryant files a lawsuit against helicopter company after deaths of Kobe and Gianna Monday 5:49 PM
- Michael Jordan cries at Kobe Bryant memorial, jokes about creating a new meme Monday 4:43 PM
Suspected Russian cyberattack that hit Ukrainian power plant strikes major airport
The Russian government may not have conducted the attack, but it likely encouraged it.
“In connection with the case [at Kiev’s major airport] Boryspil, the ministry intends to initiate a review of anti-virus databases in the companies which are under the responsibility of the ministry,” an infrastructure ministry spokeswoman told Reuters.
The malware found in the airport computer network—which includes air-traffic control functions—is reportedly similar to the malicious code found in a Ukrainian power plant that suffered a major outage on Dec. 23. Ukrainian authorities have blamed Russian hackers for that outage. The malware, called BlackEnergy, is the work of an ethnic Russian hacker group called Sandworm.
A military spokesman told Reuters that the malware was being directed from a server located in Russia. Because Ukraine detected it in the airport computers quickly enough, it did not have time to damage the system.
The infrastructure ministry did not respond to a request for comment.
The U.S. Cyber Emergency Readiness Team (US-CERT) is assisting Ukraine’s CERT in investigating the late December power outage, which occurred in the western part of the country. Several American cybersecurity firms have concluded that the BlackEnergy malware was responsible, making the incident the first time a digital attack has resulted in a power blackout.
The attack raises the specter of low-level cyberwar in a world that largely lacks the legal regime to handle such conflict.
Scott Borg, the director of the U.S. Cyber Consequences Unit, a private research firm, said that independent “cyber militias,” and not the Russian government itself, were responsible for the BlackEnergy attacks.
“The Russian government has regularly been able to influence the timing and choice of targets by ethnically Russian civilian cyber militias without becoming directly involved in their actions,” Borg said in an email.
“There have even been cases where the ethnically Russian attackers went after targets, such as banks, when they believed that the Russian government would support these attacks, but when the Russian government may actually have been surprised by the resulting cyber campaigns,” he said. “This is suggested by the apparent confusion of the Russian government when it was accused of supporting some of these cyber actions.”
Ethnic Russian hacking groups have targeted Ukrainian computer systems on and off since Russia invaded Crimea in early 2014. Russian cyber criminals also used computer attacks to supplement the government’s military action during the 2008 Russo-Georgian War.
“Hacker talent over the last few years has increasingly focused on industrial control systems and other kinds of operational systems,” Borg said. “It has been many years since the brightest young hacker minds were interested in things like botnets.”
Photo via Aero Icarus/Flickr (CC BY 2.0) | Remix by Jason Reed
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.