Hackers Used Malware to Confuse Utility in Ukraine Outage: Report

Advertisement
By Reuters | Updated: 11 January 2016 09:34 IST
Hackers likely caused a December 23 electricity outage in Ukraine by remotely switching breakers to cut power, after installing malware to prevent technicians from detecting the attack, according to a report analysing how the incident unfolded.

The report from Washington-based SANS ICS was released late on Saturday, providing the first detailed analysis of what caused a six-hour outage for some 80,000 customers of Western Ukraine's Prykarpattyaoblenergo utility.

SANS ICS, which advises infrastructure operators on combating cyber-attacks, also said the attackers crippled the utility's customer-service center by flooding it with phone calls to prevent customers from alerting the utility that power was down.

Advertisement

"This was a multi-pronged attack against multiple facilities. It was highly coordinated with very professional logistics," said Robert Lee, a former US Air Force cyber warfare operations officer who helped compile the report for SANS ICS. "They sort of blinded them in every way possible."

Experts widely describe the incident as the first known power outage caused by a cyber-attack. Ukraine's SBU state security service blamed Russia, and US cyber firm iSight Partners identified the perpetrator as a Russian hacking group known as "Sandworm."

Advertisement

Ukraine's energy ministry has said it will hold off on discussing the matter until after Jan. 18, following completion of a formal probe into the matter.

The utility's operators were able to quickly recover by switching to manual operations, essentially disconnecting infected workstations and servers from the grid, according to the report.

Advertisement

SANS ICS said on its blog it had "high confidence" in its findings, which were based on discussions and analysis from "multiple international community members and companies". The report's authors declined to identify those sources.

US critical infrastructure security expert Joe Weiss said he believed the report's findings would be validated. "They did a phenomenal job," he said.

Advertisement

There is strong interest in the outage because of concerns that similar techniques could be used to launch more attacks on power operators around the globe.

"What is now true is that a coordinated cyber-attack consisting of multiple elements is one of the expected hazards (electric utilities) may face," SANS ICS Director Michael Assante said in a blog.

"We need to learn and prepare ourselves to detect, respond, and restore from such events in the future," said Assante, former chief security officer of the quasi-governmental North American Electric Reliability Corp.

© Thomson Reuters 2016

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. iPhone 18 Pro Max Could Get a New Sony Sensor With Variable Aperture Tech
  2. Oppo K15 Launch Date Confirmed; Key Specifications Revealed Ahead of Debut
  3. Apple Back to School Sale: Grab These Deals on MacBook, iPad Models
  4. Lava Virat V1 5G, Virat V1 Key Specifications Confirmed Before India Launch
  5. OnePlus Exits US, Europe, Continues Operations in India: 5 Things to Know
  6. Tecno Camon 50 Ultra 5G With a 6,500mAh Battery Debuts in India: See Price
  7. Here's How Much the iQOO Z11 Lite Could Cost in India
  1. iPhone 18 Pro Max Diagnostics Log Reportedly Reveals Variable Aperture Camera, Sony Sensor Upgrade
  2. Vivo X500 Ultra Leak Suggests Three 200-Megapixel Telephoto Sensors Under Testing
  3. iQOO Z11 Lite Price Range in India, Key Specifications Revealed Ahead of Official Launch
  4. Lava Virat V1 5G, Virat V1 Specifications Revealed Ahead of July 24 India Launch
  5. Oppo K15 Launch Date Confirmed; Key Specifications Revealed Ahead of Debut
  6. WhatsApp Usernames Are Now Reportedly Available for Some Android and iOS Users
  7. Meta Introduces New Parental Alerts for Teen Suicide and Self-Harm Conversations
  8. GTA 6 Had 'Strongest Pre-Order Campaign on Record', on Track to Generate Up to $5.2 Billion in First Week
  9. Android 17 QPR1 Beta 7 Update Brings Refinements, Resolves Battery Share Bug in Quick Settings
  10. Nothing Becomes India's Fastest-Growing Brand Amid Smartphone Market Slowdown in Q2 2026: Counterpoint
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.