Adrian Johnson
TLDR:
- Russia-linked malware named FrostyGoop targeted a heating utility in Lviv, Ukraine, cutting off heat and hot water to 600 buildings.
- The attack occurred in the midst of winter, impacting civilians during sub-zero temperatures.
The article reveals how Russia-based hackers used malicious software, FrostyGoop, to sabotage a heating utility in Lviv, Ukraine, impacting 600 buildings during the peak of winter. This cyberattack, discovered by industrial cybersecurity firm Dragos, marks the first confirmed case of hackers directly sabotaging a heating utility. The malware altered temperature readings to trick control systems into cooling the hot water running through buildings’ pipes, leaving the civilian population to endure sub-zero temperatures. The FrostyGoop malware is one of less than 10 specimens designed to interact directly with industrial control-system software, sending commands via Modbus. Dragos discovered the malware in April, linked it to a cyberattack in January, and worked with Ukraine’s Cyber Security Situation Center to investigate. The attack closely matches reports of a heating outage at the Lvivteploenergo utility, impacting close to 100,000 people. Although the utility did not provide a comment, the mayor of Lviv raised suspicions of external interference in the company’s work system. The State Services for Special Communication and Information Protection declined to comment on the incident.
