ESET Research jointly presents Industroyer2 at Black Hat USA with Ukrainian government representative
Created: 2022-08-29 06:43:54
- ESET researchers Robert Lipovský and Anton Cherepanov recently presented their research on Industroyer2 at the Black Hat USA 2022 conference.
- Joining the presentation was Deputy Director of Ukraine’s State Service of Special Communications and Information Protection Victor Zhora.
- This is the first time that a Ukrainian governmental representative has taken part in such a high-profile cybersecurity conference.
- ESET researchers pledged to continue working with CERT-UA to support its cyberdefenses.
BRATISLAVA, LAS VEGAS — ESET researchers Robert Lipovský and Anton Cherepanov recently presented breakthrough research into Industroyer2 during a Black Hat conference in Las Vegas, along with Victor Zhora, the Deputy Director of Ukraine’s State Service of Special Communications and Information Protection (SSSCIP). This is the first time that a Ukrainian governmental cybersecurity expert has participated in one of the most prestigious cybersecurity research conferences in the world.
The “surprising” appearance of Zhora during ESET’s presentation was an additional opportunity for research, expert, and media audiences alike to gain in-depth information on Ukraine’s capability to resist the cyber warfare waged by the Russian aggressor.
"The Industroyer2 attack was thwarted thanks to the swift response of Ukrainian defenders and CERT-UA. We provided the Ukrainian side with crucial analysis of this threat, which could have become the most substantial cyberattack since the beginning of the invasion had it succeeded. Our researchers are ready to continue to work with CERT-UA to support its cyber defenses," says Lipovský, ESET's Principal Malware Researcher, who presented the Industroyer2 research at Black Hat with Cherepanov.
Earlier this year, ESET researchers responded to a cyber-incident affecting an energy provider in Ukraine. ESET worked closely with the Computer Emergency Response Team of Ukraine (CERT-UA) in order to remediate and protect this critical infrastructure network.
The collaboration resulted in the discovery of a new variant of Industroyer malware that ESET Research together with CERT-UA named Industroyer2. Industroyer is an infamous piece of malware that was used in 2016 by the Sandworm APT group to cut power in Ukraine. In this case, the Sandworm attackers made an attempt to deploy the Industroyer2 malware against high-voltage electrical substations in Ukraine. In addition to Industroyer2, Sandworm used several destructive malware families. These consisted of disk wipers for the Windows, Linux, and Solaris operating systems.
“Since the end of World War II, humankind has never faced such grave challenges as today, when Russia invaded Ukraine. However, the parallel war in cyberspace is an absolutely new challenge. The knowledge we have gained by this research should be part of a universal common knowledge that helps defend the civilized world from such threats. I’d like to express my gratitude to all our partners who keep supporting us in this unprecedented war and in our struggle for life,” added Zhora.
The State Service of Special Communications and Information Protection of Ukraine is a specialized executive authority whose key functions include provisioning secure government communications, the government courier service, information protection, and cyber defense.
For more technical information about Industroyer2, check out the blogpost Industroyer2: Industroyer reloaded, and for more about the Black Hat presentation, check out Black Hat 2022 – Cyberdefense in a global threats era on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.
About ESET
ESET develops software solutions that deliver instant, comprehensive protection against evolving computer security threats. ESET pioneered and continues to lead the industry in proactive threat detection. ESET NOD32 Antivirus, its flagship product, consistently achieves the highest accolades in all types of comparative testing and is the foundational product that builds out the ESET product line to include ESET Smart Security. ESET Smart Security is an integrated antivirus, antispyware, antispam and personal firewall solution that combines accuracy, speed and an extremely small system footprint to create the most effective security solution in the industry. Both products have an extremely efficient code base that eliminates the unnecessary large size found in some solutions. This means faster scanning that doesn’t slow down computers or networks. Sold in more than 160 countries, ESET has worldwide production headquarters in Bratislava, SK and worldwide distribution headquarters in San Diego, U.S. ESET also has offices in Bristol, U.K.; Buenos Aires, AR; Prague, CZ; and is globally represented by an extensive partner network. For more information, visit our local office at https://eset.version-2.sg.
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The Company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities. For more information, please visit https://www.version-2.com.sg/ or call (65) 6296-4268.