Major blackouts across Puerto Rico. Are the DDoS and the fire linked?

A fire and cyberattack hit an electrical substation for the electricity provider Luma Energy, causing major blackouts across Puerto Rico.

A large fire at the Luma’s Monacillo electrical substation in San Juan for Puerto Rico’s new electricity provider, Luma Energy, caused major blackouts across Puerto Rico on Thursday.

Around nearly 800,000 residents went in in the dark.

“The fire caused major blackouts across the entire island. The situation is under assessment and work is being done to restore the system,” LUMA Energy tweeted.

The same day the blackout took place, the company announced that a major DDoS attack disrupted its online services.

“The DDoS attack, or distributed denial of service attack, generated 2 million visits per second to the client portal and mobile app, impacting many customers’ ability to access account information, according to Luma.” reported NPR.

The authorities are investigating both incidents, but at the time it is still unclear whether the fire and DDoS attack are connected.

The prior energy provider for the Puerto Rico was the Puerto Rico Electric Power Authority, and in June 2020 governor Wanda Vázquez Garced and the AEE signed a contract with LUMA Energy that would give the company control of the AEE electric grid for 15 years.

Ten days ago, Luma entered into its new role as the island’s power authority.

Officials warned the population of possible problems caused by the bad conditions of the electric infrastructure of the country.

“A private company that took over power transmission and distribution in Puerto Rico this month has struggled with widespread outages and growing anger as it scrambled to control a fire that left hundreds of thousands of clients in the dark.” reported the Associated Press.

“Officials say outages had affected more than 1 million customers so far this month, not counting those affected by the explosion and fire at a main substation in the capital of San Juan. Several mayors had declared an emergency as they distributed ice and generators to those most in need before Thursday’s fire, whose cause was under investigation as officials warned it would take all night to restore power after a transformer blew.”

The good news is that the fire caused no injuries.

Gov. Pedro Pierluisi confirmed that state and federal law enforcement authorities are investigating the explosion.

“Whoever is responsible for it will have to answer to the People of Puerto Rico.” Pierluisi said.

The power outage hit the island in the middle of the COVID-19 vaccination campaign and consider that hospitals and centers have to ensure that some vaccines are managed at a low temperature.

The blackout comes as the island is still working to vaccinate its residents against the coronavirus. Vaccines must be kept at a low temperature to remain viable.

According to the Secretary of Health of Puerto Rico, Carlos Mellado López, the operations at the hospital were not impacted and the blackout did not destroy the vaccines.

José Pérez added that the outages could be acts of sabotage or the result contemporary use of too many people of the electric system.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, fire)

[adrotate banner=”5″]

[adrotate banner=”13″]