Cyberattacks targeting the power sector have the potential to cause significant disruptions, affect public safety, and disrupt essential services.
- Ukraine Power Grid Attack (2015 and 2016): Ukraine experienced two separate cyberattacks that resulted in widespread power outrages in December 2015 and 2016. The attacks attributed to state-sponsored actors, involved the use of malware to gain access to control systems and disrupt power distribution. These incidents demonstrated the potential impact of cyberattacks on power grid infrastructure.
- NotPetya Ransomware Attack (2017): NotPetya ransomware attack targeted power organization worldwide, spread rapidly, exploiting vulnerabilities in systems and encrypting data, causing widespread disruptions and financial losses.
- Dragonfly (2011): Dragonfly campaign has been active since 2011 and has targeted the power companies primarily in Europe and North America. The campaign involves sophisticated spear-phishing attacks and attempts to gain persistent access to critical infrastructure systems for potential future disruptions.
Industroyer (2016): Industroyer is a malware specifically designed to target industrial control systems (ICS) used in power grids. The malware has the capability to manipulate and disrupt power grid operations, potentially leading to widespread outrages and damage used in an attack against power grid in Ukraine.