Skip to main content

Ukraine Christmas blackout caused by cyberattack malware

A power outage in Ukraine over the Christmas period is being attributed to hackers, indicated a worrying new development in cybercrime.

Half of all homes in the Ukrainian Ivano-Frankivsk region suffered a blackout for several hours on 23 December, now believed to have been caused by malware targeting the systems of regional power plants.

Security researchers believe that the hackers used a form of malware dubbed BlackEnergy to wipe computer files at the electrical plants, shutting them down and making it more difficult to get systems up and running again.

This is also not the first time that hackers have been linked to electrical outages, with some Ukrainian media outlets targeted during local elections last year. Power outages can have wide ranging impacts, disrupting local infrastructure and other services, and continued cyberattacks of this nature could prove hugely damaging.

It is believed that a group called Sandworm are responsible for the blackouts, having previously used the BlackEnergy Trojan to target NATO, energy companies and government bodies across Europe and the US. The group is believed to be based in Russia but there is no evidence of it having any formal ties to the Russian government. However, this did not stop Ukraine's SBU state security service from blaming “Russian security services” last week.

If Russia is responsible for the attack, it would not be the first instance of a government-sponsored cyberattack. Countries such as China, North Korea and the US have all been blamed for disruptive attacks, but proof is often more difficult to come by. Ukraine's suspicion is also understandable in light of its fraught relations with Russia.

Image Credit: Shutterstock/Gunnar Assmy