A coordinated cyberattack targeting electrical grid control systems caused rolling blackouts affecting approximately 12 million people across five European countries beginning Tuesday evening, in what governments and cybersecurity researchers have attributed to a nation-state actor with a high degree of confidence.
The Attack
The attack began at 21:47 local time and exploited a zero-day vulnerability in widely deployed SCADA software used to control power distribution infrastructure. The malware, which had been implanted in target systems over a period of weeks according to forensic analysis, executed simultaneously across multiple grid operators, disabling remote control capabilities and triggering automatic safety shutdowns.
Geographic Impact
Power disruptions were reported across portions of Germany, Poland, the Czech Republic, Austria, and Slovakia. The most severe impact was in a single major metropolitan area, where power was disrupted for up to nine hours. Emergency services operated on backup power, with hospitals activating generator protocols.
Attribution
Government cybersecurity agencies in three affected countries issued coordinated statements attributing the attack to a nation-state actor with high confidence, without naming the responsible party in initial public statements. Cybersecurity firms with government contracts confirmed the assessment, noting specific code signatures, infrastructure, and operational timing consistent with a well-documented threat actor.
Policy Implications
The attack immediately elevated discussions about critical infrastructure protection at the highest levels of European governance. An emergency session of EU defense and energy ministers has been called for next week.
