The Ukrainian government is warning that Russia is planning on conducting two massive cyberattacks meant to target power grids and other critical infrastructures necessary for the country's defenses.
According to an advisory from the Ukrainian Ministry of Defense, posted on Monday, the Kremlin is planning cyberattacks on the facilities used by Ukrainian enterprises, as well as those belonging to Ukraine's allies.
These cyberattacks will "try to increase the effect of missile strikes on electricity supply facilities, primarily in the eastern and southern regions of Ukraine." This, in turn, will "slow down the offensive operations of the Ukrainian Defence Forces."
The advisory added that Russia also plans to "increase the intensity of DDoS attacks on the critical infrastructure of Ukraine's closest allies." DDoS attacks, or distributed denial-of-service attacks, are meant to disrupt the normal flow of traffic to servers.
DDoS attacks involve sending large amounts of fake traffic to a service or website to overwhelm it. This influx of fake requests will occupy the server or website, and cause it to deny or reject legitimate users.
The DDoS attack, the Ukrainian government says, are targeting the critical infrastructure of its closest allies, particularly the Baltic states and Poland.
Proof of concept
The advisory also alludes to two cyberattacks the Russian government carried out years ago. Per the advisory, "The experience of cyberattacks on Ukraine's energy systems in 2015 and 2016 will be used when conducting operations."
These two attacks, which happened nearly a year apart, left Ukrainians without power or electricity during the coldest months of the year, Ars Technica noted.
The first attack used a repurposed malware called "BlackEnergy3." The Russian hackers used this malware to access the corporate networks of Ukrainian power companies, and gain further access into the systems these companies used to generate and transmit electricity.
Using the repurposed malware, the attackers legitimately and successfully triggered a power failure that resulted to more than 225,000 Ukrainians losing electricity for more than six hours.
The second attack, on the other hand, used new malware specifically created for the purpose of hacking electric grid systems. The new malware, known as "Industroyer" and "Crash Override," was capable of communicating with Ukraine's electric grid systems to de-energize and re-energize substation lines.
It's worth noting that the 2016 malware, which was created from scratch, was able to natively communicate with the systems, which used arcane industrial processes.
These two cyberattacks are seen as "proof of concept" for Russia's capability to disrupt Ukraine's power supply.
