- Netflix claims Adam Sandler’s ‘Murder Mystery’ broke viewing records 3 Years Ago
- How to watch ‘Yellowstone’ online for free 3 Years Ago
- How online allies joined a trans artist’s street art war Today 7:30 AM
- These edited videos show the dark side of your favorite cartoons Today 7:00 AM
- Coca-Cola now exists in ‘Star Wars’ canon Today 6:44 AM
- How #TCOT gave birth to Trump Today 6:30 AM
- The ultimate cord-cutting guide for bilingual families Today 5:00 AM
- Boys’ sleepovers vs. girls’ sleepovers meme takes stereotypes to absurd heights Tuesday 7:30 PM
- Petition wants Keanu Reeves to be named ‘Time Person of the Year’ Tuesday 6:33 PM
- 8 women accuse Max Landis of sexual, emotional abuse Tuesday 5:37 PM
- Taylor Swift accused of copying Beyoncé—again Tuesday 5:00 PM
- Everything you need to know about Libra, Facebook’s new cryptocurrency Tuesday 4:45 PM
- Netflix just renewed ‘Queer Eye’ for 2 more seasons Tuesday 4:32 PM
- YouTube’s queen of failed robots just unveiled a one-of-a-kind Tesla truck Tuesday 3:58 PM
- AOC infuriates conservatives with ‘concentration camps’ remark Tuesday 3:33 PM
Suspected Russian cyberattack that hit Ukrainian power plant strikes major airport
The Russian government may not have conducted the attack, but it likely encouraged it.
“In connection with the case [at Kiev’s major airport] Boryspil, the ministry intends to initiate a review of anti-virus databases in the companies which are under the responsibility of the ministry,” an infrastructure ministry spokeswoman told Reuters.
The malware found in the airport computer network—which includes air-traffic control functions—is reportedly similar to the malicious code found in a Ukrainian power plant that suffered a major outage on Dec. 23. Ukrainian authorities have blamed Russian hackers for that outage. The malware, called BlackEnergy, is the work of an ethnic Russian hacker group called Sandworm.
A military spokesman told Reuters that the malware was being directed from a server located in Russia. Because Ukraine detected it in the airport computers quickly enough, it did not have time to damage the system.
The infrastructure ministry did not respond to a request for comment.
The U.S. Cyber Emergency Readiness Team (US-CERT) is assisting Ukraine’s CERT in investigating the late December power outage, which occurred in the western part of the country. Several American cybersecurity firms have concluded that the BlackEnergy malware was responsible, making the incident the first time a digital attack has resulted in a power blackout.
The attack raises the specter of low-level cyberwar in a world that largely lacks the legal regime to handle such conflict.
Scott Borg, the director of the U.S. Cyber Consequences Unit, a private research firm, said that independent “cyber militias,” and not the Russian government itself, were responsible for the BlackEnergy attacks.
“The Russian government has regularly been able to influence the timing and choice of targets by ethnically Russian civilian cyber militias without becoming directly involved in their actions,” Borg said in an email.
“There have even been cases where the ethnically Russian attackers went after targets, such as banks, when they believed that the Russian government would support these attacks, but when the Russian government may actually have been surprised by the resulting cyber campaigns,” he said. “This is suggested by the apparent confusion of the Russian government when it was accused of supporting some of these cyber actions.”
Ethnic Russian hacking groups have targeted Ukrainian computer systems on and off since Russia invaded Crimea in early 2014. Russian cyber criminals also used computer attacks to supplement the government’s military action during the 2008 Russo-Georgian War.
“Hacker talent over the last few years has increasingly focused on industrial control systems and other kinds of operational systems,” Borg said. “It has been many years since the brightest young hacker minds were interested in things like botnets.”
Photo via Aero Icarus/Flickr (CC BY 2.0) | Remix by Jason Reed
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.