A new report has revealed that hackers used malware to carry out the attack on the Ukrainian power grid just before Christmas last year.
The report from the US-based SANS ICS found that hackers remotely switched breakers to cut power, following the installation of malware in order to prevent technicians from identifying the attack. This resulted in a six-hour outage for around 80,000 customers of Prykarpattyaoblenergo.
The attack also included a denial of service to the utility’s phone systems. Prykarpattyaoblenergo’s operators have quickly turned to manual operations, disconnecting affected workstations and servers from the grid.
Robert Lee, a former US Air Force cyber warfare operations officer who helped compile the report, was quoted by Reuters as saying, "This was a multi-pronged attack against multiple facilities. It was highly coordinated with very professional logistics.
"They sort of blinded them in every way possible."
Russia has been reportedly blamed for the attack, which appears to be the first time a cyber attack has ever caused an electricity outage.
US cyber company iSight Partners believes that the attack was conducted by a group called Sandworm, which it says is aligned to the national interest of the Russian state.