A cyber-attack on Kiev’s main airport was launched from a server in Russia, Ukraine’s military spokesman told Reuters on Monday, as the state-run Computer Emergency Response Team (CERT-UA) warned of the threat of further attacks.
Malware similar to that which attacked three Ukrainian power firms in late December was detected in a computer in the IT network of Kiev’s main airport, Boryspil, last week. The network includes the airport’s air traffic control.
“The control centre of the server, where the attacks originate, is in Russia,” military spokesman Andriy Lysenko said by phone, adding the malware had been detected early in the airport’s system and no damage had been done.
A spokeswoman for the airport said Ukrainian authorities were investigating whether the malware was connected to a malicious software platform known as “BlackEnergy,” which has been linked to other recent cyber-attacks on Ukraine. There are some signs that the attacks are linked, she said.
“Attention to all system administrators … We recommend a check of log-files and information traffic,” CERT-UA said in a statement.
In December three Ukrainian regional power firms experienced short-term blackouts as a result of malicious software in their networks. Experts have described the incident as the first known power outage caused by a cyber-attack.
A US cyber intelligence firm in January traced the attack back to a Moscow-backed group known as Sandworm.