This week, we are going to look at a case study of a cyber attack that shut down 30 Ukrainian substations in 2015.
Industrial Control Systems (ICS) are generally separated from corporate networks (the business administrative networks), but that was not the case here. The openness between the networks contributed to the shutdown. The hackers used the corporate network as the entry point, and once they had infiltrated it with malware, they were able to gain access to the ICS, because the interfaces that control the flow of power to and from the substations were connected to the Local Area Network (LAN). Although the ICS was password protected, the hackers managed to steal user credentials using the same malware with which they had infiltrated the system.
Perhaps, if the Ukrainian power plant had conducted a business impact assessment, it might have identified the vulnerability in its critical networks and rectified it before the attack. Additionally, cyber awareness among the members of the organization would have helped to reduce the chance of the malware infiltrating the critical systems.
In conclusion, it is important that organizations can identify which of their systems are critical to meeting their stated goals, to ensure that appropriate resources are allocated to the security of those systems.
Reference: https://www.reuters.com/technology/cybersecurity/russian-spies-behind-cyberattack-ukrainian-power-grid-2022-researchers-2023-11-09/