This week, we are going to look at a case study of a cyber attack that contributed to the hack shutdown 30 Ukrainian substations in 2015.

Industrial Control System (ICS) are generally separated from the corporate networks (which are business administrative networks), but it is not the case. The openness between networks contributed to the hack shutdown. The hackers used the corporate networks as the entry point and once they infiltrate this network with malware, they were able to gain access to the ICS as the interfaces that control the flow of power to and from the substations were connected to the Local Area Network (LAN). Although the ICS was password protected, the hackers managed to steal user credentials using the malware that they used to infiltrate the system.

Perhaps, if the Ukrainian powerplant conducted a business impact assessment, they may identify the vulnerability in their critical networks and rectify them before the attack. Additionally, cyber awareness of the members of the organization would help to reduce the change of the malware infiltrating the critical systems.

In conclusion, it is important that organizations can identify which of its systems are critical to meeting their stated goals to ensure that appropriate resources are allocated to the security of those systems.

Reference : https://www.reuters.com/technology/cybersecurity/russian-spies-behind-cyberattack-ukrainian-power-grid-2022-researchers-2023-11-09/#:~:text=The%20hacking%20group%2C%20known%20in,missile%20strike%2C%20the%20report%20said.

✅ 𝗪𝗲 𝗼𝗳𝗳𝗲𝗿 𝗮 𝗰𝗼𝗺𝗽𝗹𝗶𝗺𝗲𝗻𝘁𝗮𝗿𝘆 𝗕𝗜𝗔 𝗮𝘀𝘀𝗲𝘀𝘀𝗺𝗲𝗻𝘁 𝘁𝗼 𝗵𝗲𝗹𝗽 𝘆𝗼𝘂 𝘁𝗼 𝗰𝗵𝗲𝗰𝗸 𝘆𝗼𝘂𝗿 𝗰𝘆𝗯𝗲𝗿 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗽𝗼𝘀𝘁𝘂𝗿𝗲: https://zfrmz.com.au/m7W8sECfe7w108QPqHp4

👉 To learn more about us, please visit our website: https://cybersafebusiness.au.

#cybersafebusiness #Tips #cybersecurity #security #SmallBusiness #nistframework #cyberawareness #cyberawarenessmonth