Skip to content

Incidents in country:

Ukraine

6 incidents catalogued

WiperResolved

Kyivstar wiper attack

Russia's Sandworm group destroyed thousands of virtual servers and workstations at Kyivstar, Ukraine's largest mobile operator, knocking out service for some 24 million subscribers and disrupting air-raid alerts, banking and payments in the most damaging cyberattack on Ukrainian telecoms since the 2022 invasion.

Victim
Kyivstar
Loss
$95.0M
WiperResolved

WhisperGate wiper attack

On the eve of Russia's invasion, a destructive wiper disguised as ransomware corrupted master boot records and files across dozens of Ukrainian government, IT and non-profit organisations, defacing official websites and signalling the cyber dimension of the coming war.

Victim
Ukrainian government, IT and non-profit organisations
EspionageContained

Ukraine power grid attack β€” Sandworm BlackEnergy (2015)

The Russia-linked Sandworm group used spear-phishing, BlackEnergy3, and KillDisk to remotely flip breakers at three Ukrainian regional electricity distribution companies, cutting power to approximately 230,000 customers for 1–6 hours. It is the first publicly acknowledged successful cyberattack on an electric power grid in history.

Victim
Ukrainian regional electricity distribution companies (Oblenergos)