A cyberattack knocked out the heating system in Lviv, Ukraine

  • In the Ukrainian city of Lviv, residents had to endure freezing temperatures without central heating for 2 days in mid-January due to a cyberattack against the municipal energy company.
  • Cyber security firm Dragos has published a report detailing new malware called FrostyGoop, which is designed to target industrial control systems, particularly heating system controllers, noting that this is the 3rd known incident of a cyber attack against critical infrastructure in Ukraine.

OUR TAKE
In the middle of a bitter winter in Lviv, residents spent two long, cold days without central heating. This was not just a simple technical glitch, but a direct consequence of a cyberattack that ruthlessly cut off people’s source of warmth and exposed them to biting winds. At such moments, people are more deeply aware that the importance of cybersecurity is not only about technology, but also about the happiness and security of every individual.

-Rae Li, BTW reporter

What happened

Residents of the Ukrainian city of Lviv were hit by a serious cyberattack in mid-January that knocked out the city’s central heating system and left residents without heat for 2 days. The attack was caused by a piece of malware called FrostyGoop, which specifically targets industrial control systems, particularly heating system controllers. The attack knocked out heating in more than 600 apartment buildings, and residents had to spend nearly 48 hours in subzero temperatures.

The attack was detailed in a report by Dragos, a cybersecurity firm. The FrostyGoop malware interacts with industrial control system (ICS) devices via the Modbus protocol, which is widely used for device control in industrial environments worldwide. Dragos researchers found that the attackers may have gained access to the targeted network as early as April 2023 and continued to access the network over the following months, finally carrying out the attack through an IP address in Moscow on January 22, 2024.

Although the attackers used Russian IP addresses, Dragos did not directly blame any specific hacking group or government, as no direct link to previous campaigns or tools was found.

Why it’s important

The incident highlights the potential threat of cyber attacks on critical infrastructure, especially those systems responsible for providing essential services such as heating. The case of the FrostyGoop malware emphasises the importance of cybersecurity in modern society and the urgency of protecting critical infrastructure from cyberattacks. In addition, the incident shows that cyberattacks are not only capable of causing physical damage, but can also have a serious impact on the quality of life of the population, and can even be used as a tool of psychological warfare, affecting the morale and confidence of the population. Therefore, understanding and preventing such attacks is crucial to maintaining national security and social stability.

Rae Li

Rae Li is an intern reporter at BTW Media covering IT infrastructure and Internet governance. She graduated from the University of Washington in Seattle. Send tips to rae.li@btw.media.
