More than a month after the start of the Russian offensive, the cyberwar also continues in Ukraine.
kyiv has foiled a Russian cyberattack targeting one of its biggest energy facilities, officials said in the country, which now expects a major military offensive from Moscow in the east.
According to the "cyber firefighters" of Ukraine's CERT (Computer Emergency Response Team), the attack was carried out by Sandworm, a group of hackers with ties to Russian intelligence.
The attack was designed to deprive "millions" of Ukrainians of electricity and was to strike in two waves, the government agency said on Tuesday.
A first attack took place in February and the second, foiled, was planned for April 8.
If the group's malware managed to penetrate the installation's network management system, it did not cause any power cuts, said Victor Jora, a senior Ukrainian official, during a press briefing.
“Continuous” and growing attacks
The attack used software called Industroyer2, an updated version of malware used in December 2015 against the country's electrical installations which had deprived hundreds of thousands of Ukrainian homes of electricity.
During the same press briefing, Ukrainian Deputy Minister of Digital Development, Farid Safarov, assured that his progress in cyber defense had enabled the country to anticipate the attack, while admitting that it was impossible to "protect the 100% system.
Read alsoUkraine: after a month of war, “Russian cyberattacks have only minor impacts”
In the days leading up to the February 24 Russian invasion, Ukraine claimed it was under "continuing" and escalating cyberattacks.
They had made several government sites temporarily inaccessible, including those of Parliament, the Ministry of Foreign Affairs and the security services.
“A few denial of service attacks”
"This is the first conflict where cyber is really on the front line, but we have not seen as much activity in cyberspace as we expected", had analyzed for the Parisian, Wendi Whitmore, the director of Unit 42, a cybersecurity research unit at Palo Alto Networks.
“Cybercriminals won over to the Russian cause have indeed refocused their forces on Ukraine, but they have mainly engaged in disinformation campaigns and a few denial of service attacks”, explains this specialist who advises the Biden administration.
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/VBWGZ7VKWBCWFGCTCLPFTUNWTU.jpg)