US Confirms BlackEnergy Malware Used In Ukrainian Power Plant Hack


The power outage last December in the Ukraine that put 180,000 people in the dark was the first electricity failure caused by a computer hack, the U.S. Department of Homeland Security has confirmed. Researchers previously suggested that a strain of malicious software known as BlackEnergy, a favorite of Russian hacking groups, was responsible.

The December 23 outage at the Prykarpattyaoblenergo power plant in western Ukraine was a nightmare scenario come true for cybersecurity researchers who have warned it was a question of when, not if, hackers managed to infiltrate a critical infrastructure facility.

DHS issued an advisory Tuesday confirming initial evidence that BlackEnergy malware first infected the plant’s systems after a successful spearphishing email attack, when hackers sent what appears to be a normal message to a high-value target. Homeland Security and the FBI are among the international investigators still examining the cyberattack.

DHS’s Industrial Control Systems Cyber Emergency Response Team emailed the advisory to Reuters Tuesday, confirming that malware analysis yielded evidence that BlackEnergy 3 was found lurking on Ukrainian networks. It’s the same method of attack that was used against a number of U.S. critical infrastructure targets in 2014, though it’s not clear if any of those incidents led to a similar electricity failure.

The attack has been blamed on Sandworm, a group of Russian government-sponsored hackers who have spent years harassing Ukrainian officials and their allies.

“There is a darkening sky,” former U.S. National Security Director Michael Hayden told Tuesday of the Ukraine attack. “This is another data point on an arc that we’ve long predicted.”

My Two Cents:
The DOE and FERC need to address cyber security problems as a national security clear and present danger issue (TLP) RED level. I personally feel that the DOE and FERC are NOT the type of government agencies whose mission statements are for this type of national security challenge (Protecting the USA Power Grid(s)). The DHS, US-CERT and FBI need to take control and get a move on in this power industry…

Adept Media

Adept Technologies Inc.