#Blackout, #Bots and #Trolls
On
December, 23th, 2015, parts of the electricity infrastructure in Ukraine were
attacked by hackers. The result was a blackout for approx. 700K people.
According
to @wired and @ZEIT, the hack was launched with a malware called blackenergy.
This is a framework that can be equipped with different exploits. In the attack
a „killdisc“ feature was used that destroys the boot sector on a hard disk and
thereby makes the computer useless.
In
addition, wired reports that there had been a denial of service attack on the
telephone hotlines of the energy companies: Many people called the hotlines and
made wrong statements about the location of blackouts so that the companies
could not know what was really going on.
This case
reminds of a cyberattack in the Russian-Georgian war in 2008 when the energy infrastructure
in Georgia was taken down: The target is similar, the exploit seems to be an
update and at least for the telephone denial of service attack, many “hacktivists”
are necessary. All three points show a parallel to the attack from 2008.
Some weeks
earlier, paramilitaries from Ukraine had destroyed manually the energy
transmission to Crimea. It therefore seems very plausible to assume that Russia
is responsible for this attack.
But the
nearby solution does not have to be right! First of all it makes a big
difference if the attack was made by any pro-Russian group (like the hacker
group cyberberkut) or by the Government. Even in the very good documented case
of 2008 it is not clear if the attack was launched by official institutions
like secret service or army or by the Russian mafia.
Second,
there is always the possibility that even a serious attack is a hoax by an
agent provocateur. Especially secret services trained in the tradition of KGB
(and that holds true for the Ukrainian side as well) are said to be experts in
those operations. (Take a look at Alan Furst’s “Night Soldiers” for a
literarily perspective!)
Just a week
later, Twitter began to block many accounts from Ukraine. The internet service
UAposition claims that Russian bots did falsely report innocent Ukrainian users
to be blocked and that Twitter made a mistake.
Might be.
But from my own studies I know that there are so many Ukrainian bots that it is
as well very likely that Twitter has just started to block these users now. By
the way, Facebook has started to block Ukrainian users as well, some month ago,
because of hate speeches. Mighty Marc himself reviewed some of the blockings
and said: “I think, we made the right decision.” At least, this is wat
UAposition says.
What we can
say for certain is that cyberwar activities from bots to hacks are happening regularly
in Ukraine and frequency and intensity seems to increase.
Kommentare
Kommentar veröffentlichen