According to Google subsidiary "Mandiant", a Russian hacker group conducted a multi-stage cyber attack on the Ukrainian power grid in October 2022.
"Reuters" writes about it.
We are talking about hackers from the "Sandworm" group, which is connected to Russian intelligence. The attack took place on October 10, the first day of massive missile strikes on Ukrainian energy infrastructure. Then the malicious code turned off part of the substations at the same time as the missile strike.
"This attack represents the latest evolution in Russiaʼs cyber-physical attack capabilities, which have become increasingly visible since Russiaʼs invasion of Ukraine," Mandiant noted in a report. The company does not name specific objects that were attacked by cybercriminals.
- In 2022, the State Security Service also announced "Sandworm" involvement in cyber attacks. Ukrainian cyber experts timely discovered the malicious software, which was supposed to be activated in the evening of April 8. Its activation would lead to the blackout of a certain territory of the country and would deprive a large number of civilians of electricity supply. The investigation determined that the "Sandworm" group was most likely behind this attack.