Cyber Resilience

Campaign · all campaigns

2016 Ukraine Electric Power AttackC0025 state

🇷🇺 RU · GRU · Unit 74455

aka 2016 Ukraine Electric Power Attack

Run by Sandworm Team

Last updated: 2026-07-03

1attributed CVEs
28ATT&CK techniques
4.3IDF score (tooling uniqueness)
1exclusive CVEs
2015years active

About this actor

[2016 Ukraine Electric Power Attack](https://attack.mitre.org/campaigns/C0025) was a [Sandworm Team](https://attack.mitre.org/groups/G0034) campaign during which they used [Industroyer](https://attack.mitre.org/software/S0604) malware to target and disrupt distribution substations within the Ukrainian power grid. This campaign was the second major public attack conducted against Ukraine by [Sandworm Team](https://attack.mitre.org/groups/G0034).(Citation: ESET Industroyer)(Citation: Dragos Crashoverride 2018)

Source: MITRE ATT&CK

Activity timeline

Profile

CVERiskCVSSEPSSPublishedProducts
CVE-2015-5374 8.00.00.85682015-07-18see CVE

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
CM-624 / 2886%
SI-424 / 2886%
AC-323 / 2882%
AC-221 / 2875%
CM-221 / 2875%
AC-620 / 2871%
CM-718 / 2864%
SI-718 / 2864%
IA-217 / 2861%
SI-317 / 2861%
AC-516 / 2857%
CM-516 / 2857%
CA-712 / 2843%
SI-109 / 2832%
AC-178 / 2829%

Co-occurring actors

None.

Similar actors

Similar TTPs

Active in same years