Blackouts In Spain & Portugal Likely Caused By A Cyber Attack

Uploaded on 2025-04-29 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Production-Utilities, BUSINESS-Production-Energy

A massive power outage struck the Iberian Peninsula on April 28, plunging millions of people into darkness as electricity supplies were suddenly cut across Spain and Portugal. According to Juanma Moreno, President of the Andalusian regional government, hostile activity by cyber criminals is  the most likely cause of the blackout. 

Portugal’s grid operator, RNA, offered an alternative explanation for the massive power outage when it It blamed a rare atmospheric phenomenon which caused "oscillations" and "vibrations" in high power lines, which in turn resulted in "synchronisation failures" across the national grid. 

It is unclear how such oscillations might have affected power supply across Spain.

Around midday on Monday electrical systems of all kinds started to break down across both nations, affecting electrical power, telecoms and internet connectivity affecting emergency services across both countries - only the offshore  islands were  unaffected. 

El Pais, the Spanish newspaper said, “the power outages have paralysed the normal operation of infrastructure, communications, roads, with widespread traffic light failures, train stations, airports, businesses, and buildings,” including incidents involving elevators. 

The Portuguese newspaper, Correio da Manha, said that police have been sent out into the streets to help with traffic control in the absence of the usual infrastructure to keep vehicles moving. Vodafone  blamed disruptions to its network across Portugal on the continuing electricity problems. Even the French Basque region neighbouring Spain is reported to have suffered “brief power cuts".

If this is the result of a cyber attack it will be the most significant attack of its kind since 2015 and 2016 when widespread national blackouts were inflicted on Ukraine by Russian hackers, several years prior to the subsequent  failed invasion.  

While the exploit  affected hundreds of homes in western Ukraine, this incident is affecting millions of people across the Iberian Peninsula and an attack of such wide ranging impact affecting  major EU nations would be a challenging and complex operation, beyond the capabilities of all but the most skilled and well-resource nation-state  threat groups. 

The International Energy Agency recently warned that cyber attacks against utilities worldwide have more than doubled between 2020 and 2022 and while there have been some cases of undersea cables and even gas pipelines being severed in the past, these caused localised disruption, rather than affecting an entire nation. 

Most previous attacks on energy infrastructure, including those in Ukraine, Estonia  and the highly effective Stuxnet attack on nuclear facilities in Iran, have been blamed on nation state actors, although no nation has ever claimed responsibility.

@JuanMa_Moreno  |   El Pais |   CM Jornal  |   ITPro   |   Sky News   |   Figaro   |   Yahoo   |   BBC   | 

ITVX   |   Cybersecurity News   |   Ars Technica   |  IEA    

Image: 

You Might Also Read: 

Cybersecurity, Volt Typhoon & The Grid:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible



 

« Cybersecurity Risks In Legacy Scheduling Systems & How To Mitigate Them
Ransomware Attacks On The Energy Sector Surging »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Council of Europe - Cybercrime Programme Office (C-PROC)

Council of Europe - Cybercrime Programme Office (C-PROC)

The Cybercrime Programme Office of the Council of Europe is responsible for assisting countries worldwide in strengthening their legal systems capacity to respond to cybercrime

NopSec

NopSec

NopSec provides automated IT security control measurement and risk remediation solutions to help businesses protect their IT environments from security breaches.

Merlin Cyber

Merlin Cyber

Merlin is a premier cybersecurity platform that leverages security technologies, trusted relationships, and capital to develop and deliver groundbreaking security solutions.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Government CSIRT - Chile

Government CSIRT - Chile

Government CSIRT is the Computer Security Incident Response Team for State networks and government cyberspace in Chile.

Pluribus One

Pluribus One

Pluribus One develops customized solutions and other data-driven applications to secure your business and your devices.

QI ANXIN Technology Group

QI ANXIN Technology Group

QI ANXIN specializes in serving the cybersecurity market by offering next generation enterprise-class cybersecurity products and services to government and businesses.

Q6 Cyber

Q6 Cyber

Q6 Cyber is an innovative threat intelligence company collecting targeted and actionable threat intelligence related to cyber attacks, fraud activity, and existing data breaches.

Stratum Security

Stratum Security

Stratum Security is an information security consulting company that focuses on providing clear and concise risk guidance to its clients through high quality assessment services.

QuoIntelligence

QuoIntelligence

QuoIntelligence experts can help your team understand the evolving cyber threats and provide simple yet comprehensive recommendations so you can focus on what matters.

SafeStack Academy

SafeStack Academy

SafeStack Academy is an online cyber security and privacy education platform. Our content is designed by experts to suit small businesses, growing companies, and development teams.

Senteon

Senteon

Senteon is a turnkey cybersecurity platform designed to make securing confidential data affordable, understandable, and streamlined for small-to-mid sized businesses and MSPs.

RankedRight

RankedRight

RankedRight empowers security teams to take immediate action on their most critical risks.

Istari

Istari

ISTARI is a new kind of cyber risk management company. We’re an agile collective of best-in-class capabilities and experts, who build ongoing partnerships with clients.

Corsearch

Corsearch

Combining AI-powered technology and decades of industry expertise, Corsearch is revolutionizing how companies establish and protect their brands.

Amplix

Amplix

In the race to create value for your enterprise, Amplix is your best asset for making technology decisions and optimizing your IT infrastructure, cloud usage, and security posture.