Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Ukraine Power Outage Possibly Caused by Cyberattack

A cyberattack may have caused the power outage that occurred in Ukraine late on Saturday, according to the country’s national energy company Ukrenergo.

A cyberattack may have caused the power outage that occurred in Ukraine late on Saturday, according to the country’s national energy company Ukrenergo.

In a statement published on its website on Sunday, Ukrenergo said the outage occurred on Saturday, near midnight, at the North (Petrivtsi) substation, causing blackouts in the capital city of Kiev and the Kiev region.

Ukrenergo Acting Director Vsevolod Kovalchuk said workers switched to manual mode and started restoring power after 30 minutes. Power was fully restored after just over an hour, Kovalchuk said.

The statement published by Ukrenergo names equipment malfunction and hacking as the possible causes. However, in a message posted on Facebook, Kovalchuk said the main suspect was “external interference through the data network.” The organization’s cybersecurity experts are investigating the incident.

Roughly one year ago, the Ukrainian security service SBU accused Russia of causing outages with the aid of malware planted on the networks of several regional energy companies.

Researchers determined that these attacks involved two main pieces of malware: the BlackEnergy Trojan and KillDisk, a plugin designed to destroy files and make systems inoperable. The attackers directly interacted with the system in order to cut off the power supply, and they used KillDisk to make recovery more difficult, experts said.

Advertisement. Scroll to continue reading.

In the 2015 attacks, power companies restored service within 3-6 hours by switching to manual mode, just like in the latest incident.

A report published recently by Booz Allen Hamilton revealed that the 2015 cyberattacks were likely part of a two-year campaign that targeted several sectors in Ukraine. Researchers identified 11 attacks aimed at the electricity, railway, media, mining and government sectors.

While experts have not found any hard evidence linking these attacks to Russia, the attackers’ significant resources appear to indicate the involvement of a nation state, and the threat actor’s goals align with Russian political interests.

Related: U.S. Electric Grid – America the Vulnerable

Related: Ukraine Accuses Russia of Cyber Attack on Kiev Airport

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

James Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.

Rafal Los has joined Binary Defense as Chief Strategy Officer.

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.