Malware alone didn’t cause Ukraine power station outage

A new study of a cyberattack last month against Ukrainian power companies suggests malware didn’t directly cause the outages that affected at least 80,000 customers.

Instead, the malware provided a foothold for key access to networks that allowed the hackers to then open circuit breakers that cut power, according to information published Saturday by the SANS Industrial Control Systems (ICS) team.

Experts have warned for years that industrial control systems used by utilities are vulnerable to cyberattacks. The Dec. 23 attacks in Ukraine are the most prominent example yet of those fears coming to fruition.

To read this article in full or to leave a comment, please click here