Following a cyber attack on the main airport in Kiev, Ukraine, the government is beginning a review of government computer system defenses, Reuters reported Monday.
The attack on the airport, Boryspil, used malware similar to the December power utility cyber attack (Defense Daily, Jan. 13) with both originating in Russia, the report said.
The original Dec. 23 power outage cut electricity to 80,000 customers for several hours. Ukraine’s state security service blamed Russia, although formal attribution from the energy ministry is being held off until a formal investigation is completed.
The airport cyber attack was detected last week in the airport’s IT network, including the air traffic control system. A Ukrainian military spokesman said the malware was detected early and no damage was done.
“In connection with the case in Boryspil, the ministry intends to initiate a review of anti-virus databases in the companies which are under the responsibility of the ministry,” Irina Kustovska, spokeswoman for Ukraine’s infrastructure ministry, said.
“Attention to all system administrators…We recommend a check of log-files and information traffic,” Ukraine’s Computer Emergency Response Team (CERT-UA) said in a warning statement.
A spokeswoman for the airport said government authorities are investigating if the malware is connected to the softwarte platform “BlackEnergy,” which was linked to the earlier cyber attacks, the report said.
iSight Partners, a U.S. cyber intelligence firm, said in a Jan. 7 blog post it tracked the electric utility attacks to the Russian hacking group called Sandworm.