This post was originally published here: post


Security firm iSIGHT Partners said in a blog post that it believes that the world’s first power outage caused by hackers in Ukraine two weeks ago may be the work of Russian group Sandworm Team.

The company said the use of trojans from the BlackEnergy malware family as well as the KillDisk tool, found after investigation the attack on Ukrainian power authorities’ systems, are common in Sandworm Team’s attacks. Those findings, along with intelligence supplied by ‘sensitive sources’ point to the Russian cyberattack outfit.

Reuters reports that Ukraine’s SBU state security service also believes Russia is to blame for the outage. However, no links between Sandworm Team and the Russian government have been established so far.

The group is believed to have previously targeted Ukrainian officials, NATO members and even the US Department of Homeland Security on espionage missions.

Sandworm Team and the Ukrainian Power Authority Attacks [iSIGHT Partners Blog]