Ukraine warns of more malware attacks after Kyiv airport hit
Analysts warn cyber attacks could be a new tactic in Russia’s aggression against Ukraine’s pro-western government, following the annexation of Crimea, support for separatists in eastern regions and engagement in a trade war.
Officials detected malware last week in a computer in the airport’s IT network. We suspect that this attack came from Russian Federation.
Speaking to Reuters, military spokesman Andriy Lysenko said: “The control centre of the server, where the attacks originate, is in Russian Federation”.
The news comes just two weeks after another digital attack brought down a rural power station in Ukraine, leaving tens of thousands of people without power for several hours. The ministry oversees airports, ports and railways.
“However, the approach is of course retrospective, so forward-looking companies are adopting “immune systems” that learn what is normal within the organisation and can detect a threat as soon as it starts to emerge, enabling them to respond before an attack becomes a business crisis”, he said.
IT systems at Kyiv’s main airport were floored over the weekend, sparking a renewed warning from Ukraine’s Computer Emergency Response Team (CERT-UA) about further BlackEnergy malware-based attacks.
A spokeswoman for the airport said Ukrainian authorities were investigating whether the malware was connected to a malicious software platform known as “BlackEnergy”, which has been linked to other recent cyber-attacks on Ukraine. She said there are signs this is the case.
In January, a USA cyber intelligence firm traced the attack to a group known as Sandworm, a Moscow-backed group, Hacked reported. This attack led to power outages throughout the country.
Ukraine’s security service blamed the incident on its counterpart in Russian Federation, while global computer experts said the attack raised the prospect of more frequent and damaging attacks by shadowy groups on civilian infrastructure.
Featured image from Shutterstock.