For John, BLUF: If you are connected to anything but your own generator and your own well you are vulnerable. Nothing to see here; just move along.
While people here in the United States complacently think that our electric power grids and communications (and water, unless you live in Flint, Michigan) are safe and sound, others are observing that Russia appears to be using Ukraine as their cyber testing range. While I am doubtful of a Cyber Pearl Harbor, I have no doubt that the Russians and the Chinese are working on ways to knock out our systems.
From the on-line presence, The Register, we have Kiev airport goes dark after 'BlackEnergy-linked' power outage.
IT systems at Kiev's main airport were floored over the weekend, sparking a renewed warning from Ukraine's Computer Emergency Response Team (CERT-UA) about further BlackEnergy malware-based attacks.Given the way sensitive data on millions of Federal Employees, and their families, has been exposed from the computers of the Office of Personnel Management, it is time to get serious about cyber security. Some have been talking about it for several decades, but it appears few are doing anything about it. Perhaps we need new senior managers, with a new awareness of the current situation.
“Attention: system administrators present a short list of indicators [that] network systems and networks [have been] compromise[d] with BlackEnergy malware,” CERT-UA said in an advisory (according to Google translation of Ukrainian language original here).
“We recommend checking the log files and information flows for the presence / absence of these indicators,” it added.
Malware similar to the BlackEnergy pathogen that reportedly affected three Ukrainian power utilities last month was detected last weekend on computers at Kiev's main airport, Boryspil, according to the airport's press service, Reuters reports.
The BlackEnergy malware and hackers were “clearly” behind power outages in western Ukraine, a SANS expert recently concluded.
Regards — Cliff