DUBAI – UAE: ESET researchers Robert Lipovský and Anton Cherepanov recently presented  breakthrough research into Industroyer2 during a Black Hat conference in Las Vegas, along with Victor Zhora, the Deputy Director of Ukraine’s State Service of Special Communications and Information Protection (SSSCIP). This is the first time that a Ukrainian governmental cybersecurity expert has participated in one of the most prestigious cybersecurity research conferences in the world.

The “surprising” appearance of  Zhora during ESET’s presentation was an additional opportunity for research, expert, and media audiences alike to gain in-depth information on Ukraine’s capability to resist the cyber warfare waged by the Russian aggressor.

“The Industroyer2 attack was thwarted thanks to the swift response of Ukrainian defenders and CERT-UA. We provided the Ukrainian side with crucial analysis of this threat, which could have become the most substantial cyberattack since the beginning of the invasion had it succeeded. Our researchers are ready to continue to work with CERT-UA to support its cyber defenses,” says  Lipovský, ESET’s Principal Malware Researcher, who presented the Industroyer2 research at Black Hat with Cherepanov.

Earlier this year, ESET researchers responded to a cyber-incident affecting an energy provider in Ukraine. ESET worked closely with the Computer Emergency Response Team of Ukraine (CERT-UA) in order to remediate and protect this critical infrastructure network.

The collaboration resulted in the discovery of a new variant of Industroyer malware that ESET Research together with CERT-UA named Industroyer2. Industroyer is an infamous piece of malware that was used in 2016 by the Sandworm APT group to cut power in Ukraine. In this case, the Sandworm attackers made an attempt to deploy the Industroyer2 malware against high-voltage electrical substations in Ukraine. In addition to Industroyer2, Sandworm used several destructive malware families. These consisted of disk wipers for the Windows, Linux, and Solaris operating systems.

“Since the end of World War II, humankind has never faced such grave challenges as today, when Russia invaded Ukraine. However, the parallel war in cyberspace is an absolutely new challenge The knowledge we have gained by this research should be part of a universal common knowledge that helps defend the civilized world from such threats I’d like to express my gratitude to all our partners who keep supporting us in this unprecedented war and in our struggle for life,” added Zhora.

The State Service of Special Communications and Information Protection of Ukraine is a specialized executive authority whose key functions include provisioning secure government communications, the government courier service, information protection, and cyber defense.

About ESET

For more than 30 years, ESET® has been developing industry-leading IT security software and services to protect businesses, critical infrastructure and consumers worldwide from increasingly sophisticated digital threats. From endpoint and mobile security to endpoint detection and response, as well as encryption and multifactor authentication, ESET’s high-performing, easy-to-use solutions unobtrusively protect and monitor 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company that enables the safe use of technology. This is backed by ESET’s R&D centers worldwide, working in support of our shared future.

Share this: