IT experts say Ukraine blackout caused by a cyberattack

January 5, 2016
A blackout which hit a large part of Ukraine's western region of Ivano-Frankivsk on December 23 was due to a computer virus, IT
A blackout which hit a large part of Ukraine's western region of Ivano-Frankivsk on December 23 was due to a computer virus, IT experts said

A power failure that plunged parts of western Ukraine into the dark last month was caused by a cyberattack, IT experts said Tuesday, and one source called it a world first.

The blackout, which hit a large part of the western region of Ivano-Frankivsk on December 23, was due to a computer , they said.

The local electricity company, Prikarpattiaoblenergo, said at the time that the breakdown was caused by "the intervention of unauthorised persons ... in the remote access system" and its technicians had had to restore power manually.

But Ukraine's SBU security service later said it found malware—programmes designed to take over or damage systems—on the networks of several regional electricity companies.

"A virus which we've never seen before was detected... It causes damage. The automated systems stopped functioning and computers shut down," said a Ukrainian source familiar with the incident on condition of anonymity.

A spokeswoman for the Ivano-Frankivsk SBU office Maria Rymar, said the agency was still working on the case.

"For the moment, we can't say who did it and for what purpose," she said.

The IT security firm ESET pinned the blame on a programme called KillDisk that was introduced onto the electricity company's computers on an infected Excel spreading document via "phishing"—tempting an employee to open an inocuous-looking file.

The company, which has been monitoring the spread of KillDisk and a companion programme, said the virus deleted files in the computer systems, making them inoperable, and also contained code to sabotage industrial systems.

"It was a world first" in bringing down civilian infrastructure, ESET's French subsidiary said in a statement.

"This attack can only confirm what professionals have been fearing—cyber-criminals are more and more powerful and cyber-attacks will be more and more numerous in 2016."

IT experts have been warning for years about cyber-security in vital civilian infrastructure such as power grids and transport.

Iran's nuclear refining facilities were hobbled in 2010 by a virus called Stuxnet, which is suspected to have been developed by the United States and Israel.

That was believed to the first virus designed not just to steal information or hijack computers, but to damage equipment.

Explore further: Nuclear power plants warned on cyber security

Related Stories

Iran says Duqu malware under 'control'

November 13, 2011

Iran said on Sunday it had found a way to "control" the computer malware Duqu, which is similar to Stuxnet virus which in 2010 attacked its nuclear programme and infected more than 30,000 computers.

Chevron says hit by Stuxnet virus in 2010

November 9, 2012

Oil giant Chevron was struck by the Stuxnet virus, a sophisticated cyber attack that tore through Iran's nuclear facilities and is believed to have been launched by the United States and Israel.

Malware hunter Kaspersky warns of cyber war dangers

June 6, 2012

The Russian malware hunter whose firm discovered the Flame virus said Wednesday there could be plenty more malicious code out there, and warned he feared a disastrous cyber attack could be coming.

Symantec warns of new Stuxnet-like virus

October 19, 2011

US security firm Symantec has warned of a new computer virus similar to the malicious Stuxnet worm believed to have preyed on Iran's nuclear program.

Recommended for you

A not-quite-random walk demystifies the algorithm

December 15, 2017

The algorithm is having a cultural moment. Originally a math and computer science term, algorithms are now used to account for everything from military drone strikes and financial market forecasts to Google search results.

US faces moment of truth on 'net neutrality'

December 14, 2017

The acrimonious battle over "net neutrality" in America comes to a head Thursday with a US agency set to vote to roll back rules enacted two years earlier aimed at preventing a "two-speed" internet.

FCC votes along party lines to end 'net neutrality' (Update)

December 14, 2017

The Federal Communications Commission repealed the Obama-era "net neutrality" rules Thursday, giving internet service providers like Verizon, Comcast and AT&T a free hand to slow or block websites and apps as they see fit ...

The wet road to fast and stable batteries

December 14, 2017

An international team of scientists—including several researchers from the U.S. Department of Energy's (DOE) Argonne National Laboratory—has discovered an anode battery material with superfast charging and stable operation ...


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.