UJ.com

Top 2 

                        THURSDAY, MARCH 28, 2024
Make Homepage /  Add Bookmark
Front Page
Nation
Business
Search
Subscription
Advertising
About us
Copyright
Contact
 

   Username:
   Password:


Registration

 
GISMETEO.RU
UJ Week
Top 1   

    
Business    

SBU stops cyber attack on chemical plant
Journal Staff Report

KYIV, July 13 - A Ukrainian intel agency has claimed it stopped a cyber attack against a chlorine plant that was launched using the notorious VPNFilter malware, The Register reported.

Ukraine's SBU Security Service said it thwarted an attack on network equipment belonging to the LLC Aulska chlorine plant in Auly, about an hour away from Dnipro city in central Ukraine, Interfax Ukraine reports.

Kyiv’s counterintelligence arm was quick to blame Russia for the assault on the plant, which provides chlorine to water treatment and sewage plants throughout Ukraine. According to the company's website, its products are used by consumers in 23 regions of Ukraine, Moldova and Belarus.

"Specialists of the cyber security service established minutes after [the incident] that the enterprise's process control system and system for detecting signs of emergencies had deliberately been infected by the VPNFilter computer virus originating from Russia," the SBU said on its Facebook page. "The continuation of the cyber attack could have led to a breakdown in technological processes and a possible accident."

The attack was allegedly geared at disrupting the stable operation of the plant, which provides NaClO (sodium hypochlorite, aka liquid chlorine) for water treatment. Elemental chlorine is commercially produced from a high concentration solution of NaCl (sodium chloride - aka common salt) in water through electrolysis.

Workers at the chlorine company worked with its telco providers and cyber security experts at the SBU to thwart the purported attack, the agency said. VPNFilter, first detected in May, is estimated to have hijacked half a million Internet of Things devices such as routers and network-attached storage (NAS) devices.

The malware is capable of snooping on encrypted web traffic as well as establishing a backdoor on compromised devices.

The code of some versions of the malware overlaps with versions of the BlackEnergy malware, a cyber-espionage nasty previously linked to attacks on Ukrainian power distribution stations. "The behaviour of this malware on networking equipment is particularly concerning, as components of the VPNFilter malware allows for theft of website credentials and monitoring of Modbus SCADA protocols," Cisco Talos, the security team that discovered the malware, warned in May. "Lastly, the malware has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide."

Western intel agencies as well as Ukraine's SBU have blamed Russia - an more specifically APT 28, a unit of Russian military intelligence, GRU - for creating and distributing VPNFilter. (rg/ez)




Log in

Print article E-mail article


Currencies (in hryvnias)
  28.03.2024 prev
USD 39.23 39.14
RUR 0.425 0.422
EUR 42.44 42.44

Stock Market
  27.03.2024 prev
PFTS 507.0 507.0
source: PFTS

OTHER NEWS

Ukrainian Journal   
Front PageNationBusinessEditorialFeatureAdvertisingSubscriptionAdvertisingSearchAbout usCopyrightContact
Copyright 2005 Ukrainian Journal. All rights reserved
Programmed by TAC webstudio