At 3:30 on December 23, 2015, residents of the Ivano-Frankivsk area in western Ukraine had finished their day's work and were heading through the cold streets toward their warm homes.
A year later, on Saturday (December 17, 2016), hackers again attacked Ukraine's state power sector, causing another massive blackout, which lasted about 30 minutes.
Ukraine is such a beauty; hackers, how can you bear to bully it?
It seems the hackers are determined to make trouble for Ukraine and send it back to the Stone Age.
This time, Ukraine's national energy company has become the latest victim of a large-scale cyber attack. The company's public statement says the blackout was caused by "external interference."
According to the Ukrainian energy company Ukrenergo, in the middle of last Saturday the northern part of the Ukrainian capital, Kiev, and the surrounding areas lost power. Company experts switched to manual operation; power began to be restored gradually after 30 minutes and was fully restored after 75 minutes.
Ukrenergo, a major energy supplier in Ukraine, experienced a power outage on Saturday, according to reports.
Vsevolod Kovalchuk, chairman of the company, said in a statement on Facebook that the blackout mainly affected the northern part of Kiev (the capital of the Ukrainian Republic) and its environs.
The company's engineers disclosed that the blackout was caused by "external interference": malicious attackers operated the company's power system illegally through the "digital network."
Because the incident was characterized as a "malicious cyber attack," the company immediately hired a number of network security experts to investigate, in order to solve the problem quickly and restore the normal supply of electricity.
To deal with the outage, Ukrenergo engineers had to switch the power station's equipment to manual mode.
It took about 30 minutes for the technical staff to get the power back to normal, and it took an hour and 15 minutes to completely solve all the problems.
According to Kovalchuk, the blackout was caused by vulnerabilities in the company's power automation control system; engineers first had to switch the power control system to manual control mode before normal operation could be fully restored.
Our experts soon switched the device to manual mode, and the power was restored in 30 minutes. After about 1 hour and 15 minutes, the electricity supply had been fully restored.
The incident is reminiscent of the attack on the Ukrainian power grid last December, in which, many security experts believe, a Russian hacker group, using the BlackEnergy and KillDisk malware, launched a DDoS attack on Ukrainian power companies and delayed the repair process.
It took 3-6 hours for the power company's experts to fix the problem after the 2015 incident. It appears that since the last attack Ukraine has stepped up its cyber security training and defensive measures, which allowed this incident to be resolved in a short time.
It is worth mentioning that a few days ago an ESET blog article reported that the BlackEnergy hacker group behind the attacks on the Ukrainian grid now appears to have been renamed TeleBots.
The hacker group has now shifted its target to Ukrainian banks, and much of the malicious code used in those attacks is said to closely resemble code BlackEnergy used previously, so ESET speculates that BlackEnergy is today's TeleBots.
I wonder if the Ukrainian power outage is related to this incident.
Prior to this, Ukraine had also experienced blackouts. That was in 2015, when attackers used malware such as BlackEnergy and KillDisk to break into computer systems in the state grid and shut down the corresponding control devices.
In January this year, the network of Ukrainian airports was forced to shut down after being infected with BlackEnergy malware.
In 2014, Ukraine also experienced a massive cyber attack by Russia that cut off the country's mobile communications network.
As for the blackout, investigators are still not sure who was behind the attack.
Without doubt, Russia is the biggest suspect.
Russia is also a very beautiful country; why not stay nicely at home instead of always coming out to stir up trouble?
Since Russia has previously used the BlackEnergy malware to attack Ukrainian government agencies, Ukraine believes the blackout is likely to be the Russian authorities once again using BlackEnergy to attack Ukraine. But there is not enough evidence to suggest that the attack was carried out with BlackEnergy or by Russia.
Of course, in addition to Russia, the United States is also one of the suspects.
Thus, cyber attacks have become one of the most powerful means of competition among nations and of obtaining useful information.
For traditional internet security software, industrial security is still a blind spot.
Because industrial control systems are very different from general computer information systems, events such as the Ukrainian grid being hacked will help promote the development of the industrial network security market.
According to statistics, the market size has reached 8 billion U.S. dollars this year and will reach 11 billion U.S. dollars in 2019.
Previously, when a power network was intruded upon, the differing hardware and software specifications of different power systems made it very difficult for hackers to have much impact, so most attacks were regarded as meaningless, not even needing to be reported to superiors.
But Ukraine's own blackouts now confirm that the movie plot of hackers causing a massive blackout can become reality, and the power sectors of all countries should take note.
This editor really can't imagine a day without electricity. So here is the editor's suggestion: besides taking the necessary security defense measures, keep some extra candles at home; they may come in handy one day.
Sources for the above information: Security Guest and Freebuf; compiled and reported by the Suspension Mirror editor.