The New York Times has released new information on a claimed cyberattack, allegedly orchestrated by unnamed U.S. officials, that reportedly caused power outages in parts of Venezuela prior to the apprehension of the country’s president, Nicolás Maduro.
One of the key revelations is that the cyber operation could turn off electricity for the majority of people in Caracas, the capital city, albeit only for a few minutes. However, in neighborhoods near the military base where Maduro was captured, the blackout lasted up to three days. Furthermore, the operation reportedly targeted Venezuelan military radar defenses, with the NYT stating that the U.S. Cyber Command was involved.
Quoting the NYT, the report stated, “Turning off the power in Caracas and interfering with radar allowed U.S. military helicopters to move into the country undetected on their mission to capture Nicolás Maduro, the Venezuelan president who has now been brought to the United States to face drug charges.”
The NYT didn’t elaborate significantly on the methods supposedly used in the operation. Historical comparisons were suggested, such as December 2015, when Russia employed general-purpose malware named BlackEnergy to disrupt the power supply of Ukrainian companies. This malware allowed the attackers to cause substantial power outages by infiltrating corporate networks and getting deeper into systems used for electricity generation and transmission.
Another noted example involved a more advanced type of malware called Industroyer, also known as Crash Override, which was used by Russia nearly a year later to attack the Ukrainian power grid directly. Industroyer is recognized as the first known malware framework specifically designed to strike electric grid systems.