SecurityWeek

New Reports Reinforce Cyberattack’s Role in Maduro Capture Blackout

US officials told The New York Times that cyberattacks were used to turn off the lights in Caracas and disrupt air defense radars.

US officials briefed on the January 3 extraction of Venezuelan President Nicolas Maduro say the operation leveraged cyberattacks to trigger power outages and disable air defense radars, according to The New York Times.

Shortly after the world learned of Maduro’s capture, US President Donald Trump stated that “the lights of Caracas were largely turned off due to a certain expertise that we have”.

While Trump didn’t explicitly mention a cyberattack, his comments were widely interpreted as referring to one.

Robert Lee, CEO of industrial cybersecurity firm Dragos, noted at the time that from a technical standpoint the US could have caused a power outage and disrupted air defenses using a cyberattack on operational technology (OT) systems. 

The ability of hackers to cause significant power outages was demonstrated in Ukraine in 2016 and 2017. The cybersecurity industry has long warned about the risks posed by hacker attacks to power grids, with researchers presenting several theoretical scenarios in recent years. 

However, in the days following Maduro’s capture, mainstream media cited military experts saying that a ‘blackout bomb’ (a graphite bomb that short-circuits electrical power equipment) may have been used to shut down the electricity supply. In addition, Venezuela’s Energy Minister reportedly shared a video showing physical damage to power transmission facilities. 

This suggested that a kinetic attack rather than a cyberattack was used to cause the power outages during the extraction.

However, The New York Times has now learned [paywalled] from unnamed officials briefed on the matter that the US did use “cyber weapons” in the operation, dubbed ‘Operation Absolute Resolve’.

Details are scarce, but officials were reportedly informed that hackers operating on behalf of the US government were able to not only shut off the power in Caracas but also restore it within a few minutes. 

While the disruption was limited for most residents, some neighborhoods near the military base where Maduro was captured remained without power for up to 36 hours, the NYT reported.

The publication also learned that the US military relied on cyberattacks to interfere with air defense radar.

A combination of cyber and kinetic attacks

The Royal United Services Institute (RUSI), a British defence and security think tank, noted in an analysis last week that the operation likely relied on ‘layered effects’ that combined cyber capabilities with kinetic tools such as jamming and graphite bombs. 

The analysis highlights that Venezuela’s power grid was already a strategic vulnerability due to years of infrastructure decay and lack of maintenance.

The think tank believes that while cyber may have provided reconnaissance or specific disruptions, the operation’s success was underpinned by a multi-domain approach where kinetic means remained more certain than hacking alone.

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
