Pierluigi Paganini December 20, 2016

A cyber attack against the Government Ukraine energy company Ukrenergo may be the root cause of power outage that occurred in Ukraine late on Saturday.

A new cyber attack may be the root cause of power outage that occurred in Ukraine late on Saturday.

According to the Ukraine energy company Ukrenergo, the power outage occurred at the midnight between Saturday and Sunday, the problems affected the”North” substation at Petrivtsi.

The incident caused blackouts in the city of Kiev and neighboring regions.

The company published an official statement to announce the power outage, unfortunately at the time I was writing the website of the Government Ukraine energy company Ukrenergo is down.

The head of the NEC “Ukrenergo” Vsevolod Kovalchuk explained in a message posted on Facebook that experts at the company were able to restore power in 30 minutes with a manual procedure. According to Kovalchuk, the operations were fully restored after just over an hour.

“Our experts quickly switched the equipment into the manual mode and already after 30 minutes began restoring power. In one hour and fifteen minutes power was fully restored,” he wrote.

“For the time being, the main version is the external interference through the data network. Our experts in cybersecurity promise to provide a report in the near future,” he added.

Kovalchuk pointed out that an equipment malfunction or a cyber attack can be the cause of the problem. According to Kovalchuk, an “external interference through the data network” could have caused the power outage.

The experts at Ukrenergo are investigating the power outage.

Of course, the incident brought to mind the power outage that occurred in December 2015 in Ukraine.  The Ukrainian security service SBU and several security experts accused Russia of causing outages.

According to a report published by Booz Allen Hamilton, the attacks that caused the power outage in Ukraine were part of a huge hacking campaign that targeted across the years the critical infrastructure of the country.

Experts at eiSight Partners speculated that the Russian Sandworm APT group was responsible for the Ukrainian power outage.

Alleged Russian state-sponsored hackers have used the BlackEnergy malware alongside with a DDoS attack to compromise the power plants in Ukraine and delay restore operations.

In 2015 power outage, Ukrainian experts were able to restore service within 3-6 hours with manual operations.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Ukrenergo, hacking)