Nearly one year after the first power grid attack, a cyberattack hit a substation in Kyiv and left a part of the capital and its surrounding area without electricity for more than one hour. Researchers describe the malware used in this attack as only the second-ever known case of malicious code purpose-built to disrupt physical systems and that the malware can automate mass power outages and includes swappable, plug-in components that could allow it to be adapted to different electric utilities and be launched simultaneously across multiple targets.

The attack was linked to the 2015 power grid attack and attacks against Ukraine’s national railway, government ministries, etc.