A cyber attack against a Ukrainian power grid left customers without electricity for an hour last month. Ukrainian security researchers involved in the investigation say they believe the attack was conducted by the same hackers who cut power in Ukraine a year ago.
Tim Erlin, Sr. Director, Product Management at Tripwire:
When attackers can cause an outage, we’re not talking about data protection; we’re talking about human safety.
There’s more to learn about this attack buried in the logs and other data that’s been collected. The investigation is far from over, and while the headlines may fade, industry professionals should be diligent in learning all they can in order to better defend their own organizations.”
Andrea Carcano, Founder and Chief Product Officer at Nozomi Networks:
“We can’t be sure who is behind this latest attack, but it’s likely to be several criminal gangs working together to conduct the incursion. The methodology used demonstrated they had sophisticated skills, with the attack better organized and more complex than the 2015 breach. This illustrates that there are adversaries, with both intent and ability, to launch attacks and cause damage to the critical infrastructure of every country around the globe, and this threat must not be ignored.
“Cyber resiliency through defence in depth measures is needed and that includes network segmentation, firewalls and visibility solutions. All protectors must re-examine their ICS cybersecurity programs carefully and arm themselves with technology that will enable them to detect and respond to attacks, in real time, if they’re to keep the attackers out and the power on.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.