The New York Times has released additional information about an alleged cyberattack that unnamed US officials say plunged parts of Venezuela into darkness just before the arrest of the country’s president, Nicolás Maduro.
A central new claim is that the operation cut power for most residents of Caracas for only a few minutes, while in neighborhoods near the military base where Maduro was captured the outage persisted for three days. The cyber operation also reportedly targeted Venezuelan military radar systems. The paper said the US Cyber Command was involved.
Any further details?
“Cutting power in Caracas and disrupting radar allowed US military helicopters to enter the country undetected during the mission to capture Nicolás Maduro, the Venezuelan president who has since been transported to the United States to face drug charges,” the NYT reported.
The NYT offered little additional information, leaving out the alleged techniques used. For example, when Russia knocked out power in December 2015, it used general-purpose malware called BlackEnergy to first infiltrate the corporate networks of the targeted utilities and then move into the supervisory control and data acquisition systems those companies used to generate and deliver electricity. The attackers then leveraged legitimate power-distribution functionality to trigger the failure, cutting power to more than 225,000 people for over six hours until grid crews restored service.
In a second attack nearly a year later, Russia deployed a much more advanced piece of malware to disable key parts of the Ukrainian power grid. Known as Industroyer, or Crash Override, it is the first identified malware framework built specifically to target electric grid systems directly.
