Electricity Blackouts Ukraine Direct Result of Cyber Espionage

The power grid blackouts in Ukraine last December was direct result of cyber espionage, cyber spies used a new malware that can sabotage Industrial Control Systems (ICS) SCADA.

According to researchers from security firm ESET it was not isolated cyber-attack and other power plants in Ukraine targeted at the same time.

Cyber spies used Black Energy malware backdoor (32 bit Windows executable) to get inside the system and install the modified variant of ‘Kill Disk’ , which make the infected systems unbootable.

Black Energy

The Trojan Black Energy malware have several downloadable modules and components to perform specific tasks on target computer. The Black Energy Trojan was used in a series of cyber-attacks targeting Ukraine government websites in 2014.

KillDisk

In recent cyber-attacks the Kill Disk is modified and powered up with codes focused on Industrial Control System (ICS), the normal variant managed system files, new variant make a system completely unusable.

According ESET analysis kill disk malware is found in in several electricity companies and news media in Ukraine.

More information about Black Energy Trojan