The Russian hackers attempted to knock out power to millions of Ukrainians in a long-planned attack last week but failed.
According to Ukrainian government officials, at one targeted high-voltage power station, the hackers succeeded in penetrating and disrupting part of the industrial control system, but people defending the station were able to prevent electrical outages.
Top Ukrainian cyber security official, Victor Zhora, commented that “the threat was serious, but it was prevented in a timely manner”, and told reporters through an interpreter that “it looks that we were very lucky”.
The hackers used an upgraded version of malware first seen in its successful 2016 attack that caused blackouts in Kyiv, which was customised to target multiple substations. They simultaneously seeded malware designed to wipe out computer operating systems, hindering recovery.
Nozomi Networks Labs has provided insights on Ukraine’s defeat of a Russian cyber attack attempting to disrupt critical infrastructure. The hackers were targeting the electricity grid and related facilities, which would have severely damaged Ukraine’s defences.