The Main Directorate of Intelligence of the Ministry of Defence of Ukraine (HUR MO) has warned that the Kremlin is planning to carry out massive cyberattacks targeting power grids and other critical infrastructure in Ukraine, as well as institutions of critical infrastructure of Ukraine's allies.
“First of all, the attacks will be aimed at enterprises in the energy sector. The operations will use the experience of cyberattacks on Ukraine’s power grid in 2015 and 2016,” the Ukrainian military intelligence service says.
By conducting cyberattacks, “the enemy will attempt to enhance the effect of missile strikes on power supply facilities primarily in eastern and southern regions of Ukraine.”
“The Kremlin also intends to increase the intensity of DDoS attacks on the critical infrastructure of Ukraine's closest allies, primarily Poland and the Baltic states,” the agency added.
In April, Ukraine’s CERT-UA said it successfully disrupted cyberattacks carried out by the Russia-linked Sandworm APT against Ukrainian critical energy infrastructure. The attackers leveraged the Industroyer2 framework in order to cause damage to high voltage power substations, and planted the CaddyWiper data wiper on computer systems running Windows OS, including servers and industrial control systems (SCADA). The attackers also targeted the organization’s Linux servers using the Orcshred, Soloshred, and Awfulshred malicious scripts.