Malware is no longer reserved for the millions of consumer PCs all over the world -- it's now used in corporate espionage and as a tool to disrupt the infrastructure of entire countries. It's been revealed that just on December 23rd, attackers successfully infected computers belonging to the Ukrainian national grid, which resulted in hundreds of homes in the Ivano-Frankivsk region going dark. It's thought to be the first cyber attack to result in a power outage.
According to computer security specialist ESET, attackers were able to infiltrate power station computers by using malware-laden Microsoft Office documents. Through social engineering techniques, power station employees were led to activate the files, unwittingly deploying the BlackEnergy trojan. The malware can "plant a KillDisk component" that makes key terminals unbootable or open backdoors that allow external access.
It's believed that Russian hackers known as The Sandworm Team, who have targeted Ukrainian energy suppliers in the past and successfully infected providers in the US and Europe, are behind the attack. The Financial Times reports that Ukraine's energy ministry is still conducting a probe into what caused the shutdown. "So far the most likely version is interference in the workings of the automated control systems," said Prykarpattyaoblenergo technical director Oleg Senik. He also said engineers are having to "manually" fix each substation to restore power in the area.