In a stark reminder of the evolving landscape of cyber warfare, a recent report from Google’s cybersecurity subsidiary Mandiant reveals a sophisticated cyber attack on Ukraine’s power grid in October 2022. This disclosure marks the third known assault by Moscow, indicating a troubling trend in the use of digital weapons to disrupt critical infrastructure.

The attack, linked to the Russian Main Intelligence Directorate and its digital warfare unit Sandworm, sheds light on the capabilities of state-sponsored hackers and their potential to cause real-world consequences.

Sandworm: The Chronology of Attacks

Mandiant reported that the October 2022 hacking incident has unfolded in two distinct phases, both demonstrating a high level of sophistication.

In the initial phase, the attackers exploited Ukraine’s own operational technology (OT) to manipulate circuit breakers, plunging four regions into darkness and prompting Kyiv to temporarily halt power exports.