A recent report by the US Department of Homeland Security (DHS) has concluded that a December power outage in Ukraine, which caused 225,000 customers to lose electricity, was the work of hackers.
The attack was synchronised and coordinated, with the individual attacks occurring within 30 minutes of each other. The three regional power companies that were targeted also indicated that the attackers used remote malware to destroy evidence and overwrite the Master Boot Record (MBR), rendering systems inoperable.
Each company also reported that it had been infected with BlackEnergy malware; however, it wasn’t clear whether the malware played a role in the attack.
The attackers also flooded the companies’ call centres with phone calls to confuse customer service representatives and to prevent real customers from getting through.
Hacking attacks have come a long way from a few attacks on personal computers. The threat to business and infrastructure remains as real as ever.
As always, we recommend a multi-dimensional approach to tackling this menace. A good network intrusion detection system and anti-malware would have been the first steps to take in this instance. Proper training of personnel, coupled with a good business continuity plan and a communications system in place, is essential as well.