Targeting of Ukrainian power stations
Date of report
  • April 2022
Russian-linked Sandworm hackers targeted high-voltage electrical substations in Ukraine. The attackers used a novel variant of Industroyer malware, dubbed Industroyer2, which interacts with control systems that manage the flow of power. The hackers also deployed multiple strains of wiper malware as part of the attack.
Suspected victims
  • High-voltage electrical substations in Ukraine
Suspected state sponsor
  • Russian Federation
Type of incident
  • Sabotage
Target category
  • Private sector
Victim government reaction
  • Yes
Policy response