Russia attempts to hack Ukrainian energy provider

Russian hackers tried to bring down a Ukrainian power grid, which would have caused blackouts for over 2 million people, Ukrainian government officials and the Slovakian cybersecurity firm ESET said on April 12. The hacking group, known as Sandworm, successfully infiltrated and disrupted the industrial control system of one power station, but defenders were able to prevent electrical outages, Ukrainian officials said. Leaked Ukrainian government documents, though, say that Russian hackers had temporarily shut down nine electric substations. Sandworm initially compromised the Ukrainian power station in February, around the time of Russia’s invasion, according to reports. The group used a malware variant called Industroyer2 that sought to damage high-voltage power substations. A destructive wiper malware known as CaddyWiper was also planted on systems to erase evidence of the attack. Sandworm was behind two pervious hacks that disrupted power supplies in Ukraine.

About This Incident

Threat Actors: Russia

Incident Metadata

Country: Ukraine