The attack has been linked to previous attempts on Ukrainian power plants

Cyber-attack on Kiev airport prompts security review

The Ukrainian government is looking into the security of its computer systems after the country’s main airport in Kiev suffered a cyber-attack launched from a server in Russia.

Malware was found in the airport’s IT infrastructure, which included air traffic control, that was similar to the software used to attack Ukrainian power plants in December.

A six-hour power outage that hit Ukraine on 23 December was also blamed on a complex cyber-attack involving an injection of detection-preventing malware that emanated from Russia.

A US cyber intelligence firm recently traced the attack back to a Moscow-backed group known as Sandworm.

Although there has been no overt suggestion that the Russian government was directly responsible for the attack on Boryspil airport, it comes at a time of badly strained political relations between Ukraine and Russia.

"In connection with the case in Boryspil, the ministry intends to initiate a review of anti-virus databases in the companies which are under the responsibility of the ministry," said Irina Kustovska, a spokeswoman for Ukraine's infrastructure ministry, which oversees airports, railways and ports.

The malware in the airport's system was detected early on and no long-term damage was incurred from the attack.

An airport spokeswoman said that the authorities were investigating whether the malware was connected to a malicious software platform known as ‘BlackEnergy’, which has been linked to the other attacks on the energy sector.

The country’s state-run Computer Emergency Response Team (CERT-UA) has issued a warning regarding the threat of more attacks.

"Attention to all system administrators ... We recommend a check of log-files and information traffic," it said in a statement.

Although Ukraine's state security service has blamed Russia, the energy ministry said it would hold off on attribution until after it completes a formal probe.

The country has been suffering from regular Russian attacks on its IT systems for some time. In early 2014, its telecommunications system was severely compromised by a denial of service (DoS) attack.

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them