NYT: “Precise” Cyber-Attack Caused Venezuela Blackout, Officials Say

Summary
– The New York Times reports a US cyber operation caused power outages in parts of Venezuela, including a multi-day outage near a key military base, ahead of President Nicolás Maduro’s capture.
– The cyber attack also targeted Venezuelan military radar systems, with US Cyber Command reportedly involved in the operation.
– These disruptions in power and radar allegedly allowed US military helicopters to enter Venezuela undetected to carry out the mission to capture Maduro.
– The article contrasts these events with past Russian cyber attacks on Ukraine’s power grid, which used specific malware like BlackEnergy to infiltrate and trigger failures.
– A later, more sophisticated Russian attack used the Industroyer (Crash Override) malware, the first known framework designed to directly attack electric grid systems.

A recent report has provided new insight into a sophisticated cyber operation that disrupted electrical power in Venezuela, allegedly facilitating a major military action. According to details from unnamed U.S. officials, this precise cyber-attack was timed to coincide with the mission to capture Venezuelan President Nicolás Maduro. While the blackout lasted only minutes for most of the capital, Caracas, it persisted for approximately three days in neighborhoods adjacent to the military base where the operation took place. The cyber operation also reportedly targeted Venezuela’s military radar systems, with U.S. Cyber Command involvement indicated.
The strategic objective was to create a tactical advantage. By disabling power and interfering with radar coverage, U.S. military helicopters were able to enter Venezuelan airspace undetected during the mission that resulted in Maduro’s capture. The president has since been transported to the United States to face narcotics trafficking charges. The report offers limited technical specifics on the methods used, instead contrasting the operation with known historical attacks on electrical infrastructure.
For instance, a 2015 attack on Ukraine’s power grid, attributed to Russia, employed a different approach. Attackers used the BlackEnergy malware to first infiltrate corporate networks at power companies. From there, they moved laterally into the critical supervisory control and data acquisition (SCADA) systems that manage electricity generation and transmission. The adversaries then manipulated legitimate grid control functions to trigger a widespread failure, leaving over 225,000 people without power for more than six hours.
A subsequent and more advanced attack on Ukraine’s grid occurred about a year later. This operation utilized a specialized malware framework known as Industroyer, or alternatively Crash Override. This malicious software is significant as it represents the first known malware specifically engineered to directly attack electric grid control systems. Its design allows it to communicate with and manipulate the industrial control hardware that governs power distribution, demonstrating a dangerous evolution in cyber threats to critical national infrastructure. The Venezuela incident, while lacking public technical details, points to a continuing trend of state-level cyber operations aiming to achieve physical, real-world effects.
(Source: Ars Technica)