IT experts say Ukraine blackout caused by a cyberattack

January 5, 2016
A blackout which hit a large part of Ukraine's western region of Ivano-Frankivsk on December 23 was due to a computer virus, IT
A blackout which hit a large part of Ukraine's western region of Ivano-Frankivsk on December 23 was due to a computer virus, IT experts said

A power failure that plunged parts of western Ukraine into the dark last month was caused by a cyberattack, IT experts said Tuesday, and one source called it a world first.

The blackout, which hit a large part of the western region of Ivano-Frankivsk on December 23, was due to a computer , they said.

The local electricity company, Prikarpattiaoblenergo, said at the time that the breakdown was caused by "the intervention of unauthorised persons ... in the remote access system" and its technicians had had to restore power manually.

But Ukraine's SBU security service later said it found malware—programmes designed to take over or damage systems—on the networks of several regional electricity companies.

"A virus which we've never seen before was detected... It causes damage. The automated systems stopped functioning and computers shut down," said a Ukrainian source familiar with the incident on condition of anonymity.

A spokeswoman for the Ivano-Frankivsk SBU office Maria Rymar, said the agency was still working on the case.

"For the moment, we can't say who did it and for what purpose," she said.

The IT security firm ESET pinned the blame on a programme called KillDisk that was introduced onto the electricity company's computers on an infected Excel spreading document via "phishing"—tempting an employee to open an inocuous-looking file.

The company, which has been monitoring the spread of KillDisk and a companion programme, said the virus deleted files in the computer systems, making them inoperable, and also contained code to sabotage industrial systems.

"It was a world first" in bringing down civilian infrastructure, ESET's French subsidiary said in a statement.

"This attack can only confirm what professionals have been fearing—cyber-criminals are more and more powerful and cyber-attacks will be more and more numerous in 2016."

IT experts have been warning for years about cyber-security in vital civilian infrastructure such as power grids and transport.

Iran's nuclear refining facilities were hobbled in 2010 by a virus called Stuxnet, which is suspected to have been developed by the United States and Israel.

That was believed to the first virus designed not just to steal information or hijack computers, but to damage equipment.

Explore further: Nuclear power plants warned on cyber security

Related Stories

Iran says Duqu malware under 'control'

November 13, 2011

Iran said on Sunday it had found a way to "control" the computer malware Duqu, which is similar to Stuxnet virus which in 2010 attacked its nuclear programme and infected more than 30,000 computers.

Chevron says hit by Stuxnet virus in 2010

November 9, 2012

Oil giant Chevron was struck by the Stuxnet virus, a sophisticated cyber attack that tore through Iran's nuclear facilities and is believed to have been launched by the United States and Israel.

Malware hunter Kaspersky warns of cyber war dangers

June 6, 2012

The Russian malware hunter whose firm discovered the Flame virus said Wednesday there could be plenty more malicious code out there, and warned he feared a disastrous cyber attack could be coming.

Symantec warns of new Stuxnet-like virus

October 19, 2011

US security firm Symantec has warned of a new computer virus similar to the malicious Stuxnet worm believed to have preyed on Iran's nuclear program.

Recommended for you

Microsoft aims at Apple with high-end PCs, 3D software

October 26, 2016

Microsoft launched a new consumer offensive Wednesday, unveiling a high-end computer that challenges the Apple iMac along with an updated Windows operating system that showcases three-dimensional content and "mixed reality."

Making it easier to collaborate on code

October 26, 2016

Git is an open-source system with a polarizing reputation among programmers. It's a powerful tool to help developers track changes to code, but many view it as prohibitively difficult to use.

Dutch unveil giant vacuum to clean outside air

October 25, 2016

Dutch inventors Tuesday unveiled what they called the world's first giant outside air vacuum cleaner—a large purifying system intended to filter out toxic tiny particles from the atmosphere surrounding the machine.


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.