The Ukrainian government is looking into the security of its computer systems after the country’s main airport in Kiev suffered a cyber-attack launched from a server in Russia.
Malware was found in the airport’s IT infrastructure, which included air traffic control, that was similar to the software used to attack Ukrainian power plants in December.
A six-hour power outage that hit Ukraine on 23 December was also blamed on a complex cyber-attack involving an injection of detection-preventing malware that emanated from Russia.
A US cyber intelligence firm recently traced the attack back to a Moscow-backed group known as Sandworm.
Although there has been no overt suggestion that the Russian government was directly responsible for the attack on Boryspil airport, it comes at a time of badly strained political relations between Ukraine and Russia.
"In connection with the case in Boryspil, the ministry intends to initiate a review of anti-virus databases in the companies which are under the responsibility of the ministry," said Irina Kustovska, a spokeswoman for Ukraine's infrastructure ministry, which oversees airports, railways and ports.
The malware in the airport's system was detected early on and no long-term damage was incurred from the attack.
An airport spokeswoman said that the authorities were investigating whether the malware was connected to a malicious software platform known as ‘BlackEnergy’, which has been linked to the other attacks on the energy sector.
The country’s state-run Computer Emergency Response Team (CERT-UA) has issued a warning regarding the threat of more attacks.
"Attention to all system administrators ... We recommend a check of log-files and information traffic," it said in a statement.
Although Ukraine's state security service has blamed Russia, the energy ministry said it would hold off on attribution until after it completes a formal probe.
The country has been suffering from regular Russian attacks on its IT systems for some time. In early 2014, its telecommunications system was severely compromised by a denial of service (DoS) attack.