NCSC Researches Consequences of Malware for Dutch Energy Sector

At the end of December, hackers caused a large power outage in Ukraine by using malware. As a result, thousands of Ukrainian citizens did not have electricity for six hours. The hackers used Black energy-malware, which was originally used to cause Distributed Denial of Service (DDoS) attacks. National Cyber Security Center (NCSC) of the Dutch government researches if malware infections at Ukrainian power stations can also have an influence on the Dutch energy sector.  

In order to spread the Malware, the attackers used an Excel document with macro’s. Normally, in Microsoft Office macro’s are disabled. However, in the Excel document was asked to activate macro’s. After activation, the malware ‘’lite-version’’  was being downloaded. This version later downloaded the complete version of Black Energy.

About any further developments of the research, NCSC will inform the energy sector.