Ukraine has foiled a Russian cyberattack on one of its largest energy facilities, officials said, as the country prepares for an expected offensive by Moscow's forces in the east.
The attack was carried out by Sandworm, a hacker group with ties to Russia’s intelligence services, according to Ukraine's Computer Emergency Response Team.
The targeted energy facility was to have been struck in two waves, the government agency said in a Tuesday statement, with an initial attack taking place in February and the thwarted follow-up scheduled for April 8.
While the group’s malware successfully penetrated the grid's management system, it resulted in no power outages, Victor Zhora, a top cybersecurity official, told a press briefing.
The attack employed a modified version of the Industroyer2 malware, Zhora said, adding it was intended to amplify damage done to the country’s physical energy infrastructure by the Russian military.
A December 2015 cyberattack using an earlier version of the malware, believed to be the first of its kind, left hundreds of thousands of Ukrainians without power.
Speaking at the same Tuesday briefing, Farid Safarov, a deputy minister in the energy department, said improvements in cyber defence had given Ukraine advance warning of the attack, while conceding it was impossible to "safeguard the system 100 percent".
In the days leading up to Russia's February 24 invasion, Ukraine said it came under "continuous" and escalating cyberattacks.
Those attacks temporarily disabled several government websites, including those run by the cabinet of ministers, parliament, the foreign ministry and the state security service.