Ukraine's Energy Infrastructure Under Cyber and Physical Attack

Severity: High (Score: 77.0)

Sources: Kyivindependent, Atlanticcouncil

Summary

Ukraine has faced systematic Russian strikes on its energy infrastructure for four consecutive winters, with the most recent winter seeing near-daily attacks across 17 regions. All of Ukraine's thermal power plants have been damaged or destroyed, severely impacting central heating for thousands of residential buildings. Ukrainian operators have adapted by pivoting to mobile cogeneration units, allowing for independent generation of heat and electricity. The International Energy Agency (IEA) has noted that Ukraine's emergency response capabilities could serve as a model for other European nations, which rely on outdated centralized heating systems. The threat extends beyond physical attacks to potential cyber vulnerabilities, as demonstrated by previous malware targeting heating systems. In January 2024, a malware called FrostyGoop disrupted heating in Lviv, and a coordinated cyberattack in December 2025 targeted a Polish power plant, highlighting the risk to critical infrastructure across the region. The situation remains precarious as European countries remain unprepared for similar attacks. Key Points: • Ukraine's energy infrastructure has been systematically attacked by Russia for four winters. • All thermal power plants in Ukraine have been damaged or destroyed, affecting heating for thousands. • Cyber vulnerabilities exist in heating systems, with past malware attacks indicating significant risks.

Key Entities

• Malware (attack_type)
• Czech Republic (country)
• Hungary (country)
• Iran (country)
• Lithuania (country)
• Poland (country)
• Energy (industry)
• FrostyGoop (malware)
• T1003 - OS Credential Dumping (mitre_attack)