Skip to main content

Advertisement

Advertisement

IT experts say Ukraine blackout caused by a cyberattack

KIEV — A power failure that plunged parts of western Ukraine into the dark last month was caused by a cyberattack, IT experts said yesterday (Jan 5), and one source called it a world first.

A power failure that plunged parts of western Ukraine into the dark last month was apparently caused by a cyberattack. Photo: REUTERS

A power failure that plunged parts of western Ukraine into the dark last month was apparently caused by a cyberattack. Photo: REUTERS

Follow TODAY on WhatsApp

Quiz of the week

How well do you know the news? Test your knowledge.

KIEV — A power failure that plunged parts of western Ukraine into the dark last month was caused by a cyberattack, IT experts said yesterday (Jan 5), and one source called it a world first.

The blackout, which hit a large part of the western region of Ivano-Frankivsk on Dec 23, was due to a computer virus, they said.

The local electricity company, Prikarpattiaoblenergo, said at the time that the breakdown was caused by “the intervention of unauthorised persons ... in the remote access system” and its technicians had had to restore power manually.

But Ukraine’s SBU security service later said it found malware — programmes designed to take over or damage systems — on the networks of several regional electricity companies.

“A virus which we’ve never seen before was detected... It causes damage. The automated systems stopped functioning and computers shut down,” said a Ukrainian source familiar with the incident on condition of anonymity.

A spokeswoman for the Ivano-Frankivsk SBU office Maria Rymar, said the agency was still working on the case.

“For the moment, we can’t say who did it and for what purpose,” she said.

The IT security firm ESET pinned the blame on a programme called KillDisk that was introduced onto the electricity company’s computers on an infected Excel spreading document via “phishing” — tempting an employee to open an inocuous-looking file.

The company, which has been monitoring the spread of KillDisk and a companion programme, said the virus deleted files in the computer systems, making them inoperable, and also contained code to sabotage industrial systems.

“It was a world first” in bringing down civilian infrastructure, ESET’s French subsidiary said in a statement.

“This attack can only confirm what professionals have been fearing — cyber-criminals are more and more powerful and cyber-attacks will be more and more numerous in 2016.”

IT experts have been warning for years about cyber-security in vital civilian infrastructure such as power grids and transport.

Iran’s nuclear refining facilities were hobbled in 2010 by a virus called Stuxnet, which is suspected to have been developed by the United States and Israel.

That was believed to the first virus designed not just to steal information or hijack computers, but to damage equipment. AFP

Read more of the latest in

Advertisement

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to our newsletter for the top features, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.