On December 23, an electricity blackout left about half the homes in the Ivano-Frankivsk region of Ukraine without power, according to local reports at the time. It is now believed by security researchers that the blackout was achieved by hackers using malicious code known as the BlackEnergy Trojan.
It is the first confirmed case of power networks being brought down by hackers, confirming fears that have existed for years among energy companies and security experts.
Security company Eset, which examined the incident, said that so-called “BlackEnergy” malware had infiltrated the energy networks, activating a “KillDisk” component that would prevent systems from rebooting.
“This particular variant contained code specifically intended to sabotage industrial systems,” Eset said.
Other malware attacks that have affected physical infrastructures before have been limited to industry or government installations, such as the cyber attack that caused physical damage at a German steel mill in 2014.
Prykarpattyaoblenergo, an energy company in the Ivano-Frankisvk region of western Ukraine, said on Dec. 23 that a blackout in a large part of the area where it delivers electricity was caused by an “interference” in its systems.
BlackEnergy has been used several times on companies in Ukraine and elsewhere, including several media companies during Ukrainian elections last year.