Sandworm, a Russian Threat Actor, Disrupted Power in Ukraine Via Cyberattack

Cybersecurity company Mandiant reported details of a 2022 cyberattack led by Russian threat actor Sandworm. The group targeted a Ukrainian critical infrastructure organization’s operational technology (OT) environment, causing a power outage that coincided with mass missile strikes. Sandworm utilized a variant of CADDYWIPER malware to create further disruption and eliminate evidence of its operation. The incident signified a new evolution in OT targeting and serves as a reminder for all companies to strengthen their security measures.