New research shows that the December 2015 cyber-attacks on two power facilities in Ukraine seem to have also targeted a mining company and a railway operator in the country
The IT security company Trend Micro has recently published new information according to which the so-called BlackEnergy malware that affected two power facilities in Ukraine in December last year seems to have also affected a mining company and a large railway operator in the country. Based on its research, Trend Micro notes that it has reasons to believe that ‘the same actors are likely involved in some regard to these two [new victims] and to those behind the Ukrainian power attack. There is remarkable overlap between the malware used, infrastructure, naming conventions, and to some degree, the timing of use for this malware […].’ The company also advises organisations in all sector to pay attention to BlackEnergy and to be prepared to defend themselves from similar attacks.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.