The attack has been linked to previous attempts on Ukrainian power plants

Cyber-attack on Kiev airport prompts security review

The Ukrainian government is looking into the security of its computer systems after the country’s main airport in Kiev suffered a cyber-attack launched from a server in Russia.

Malware was found in the airport’s IT infrastructure, which included air traffic control, that was similar to the software used to attack Ukrainian power plants in December.

A six-hour power outage that hit Ukraine on 23 December was also blamed on a complex cyber-attack involving an injection of detection-preventing malware that emanated from Russia.

A US cyber intelligence firm recently traced the attack back to a Moscow-backed group known as Sandworm.

Although there has been no overt suggestion that the Russian government was directly responsible for the attack on Boryspil airport, it comes at a time of badly strained political relations between Ukraine and Russia.

"In connection with the case in Boryspil, the ministry intends to initiate a review of anti-virus databases in the companies which are under the responsibility of the ministry," said Irina Kustovska, a spokeswoman for Ukraine's infrastructure ministry, which oversees airports, railways and ports.

The malware in the airport's system was detected early on and no long-term damage was incurred from the attack.

An airport spokeswoman said that the authorities were investigating whether the malware was connected to a malicious software platform known as ‘BlackEnergy’, which has been linked to the other attacks on the energy sector.

The country’s state-run Computer Emergency Response Team (CERT-UA) has issued a warning regarding the threat of more attacks.

"Attention to all system administrators ... We recommend a check of log-files and information traffic," it said in a statement.

Although Ukraine's state security service has blamed Russia, the energy ministry said it would hold off on attribution until after it completes a formal probe.

The country has been suffering from regular Russian attacks on its IT systems for some time. In early 2014, its telecommunications system was severely compromised by a denial of service (DoS) attack.

Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.

Recent articles