Spain is pressing power suppliers for answers amid renewed concerns that a cyberattack may have played a role in April’s prolonged power outage, despite initial claims dismissing hacker involvement.

On April 28, a major power disruption swept across Spain and Portugal. While most regions regained power within 10 hours, full restoration in Spain took nearly a day. Early assessments by grid operators and government officials in both countries found no signs of a cyberattack.

However, the Spanish government has now launched a fresh investigation focusing on smaller, decentralized energy providers. According to The Financial Times, authorities suspect that cybercriminals may have exploited these smaller renewable energy operators as potential entry points into the grid.

The probe, reportedly led by Spain’s National Cybersecurity Institute, is examining whether any unusual activity occurred prior to the outage. Investigators have asked small-scale renewable plants about recent software updates, anomaly reports, and remote access capabilities.

This renewed scrutiny follows a court-ordered inquiry into possible cyber involvement, prompted by similarities to past attacks like the Ukraine grid incidents in 2015 and 2016. Cybersecurity firm Specops Software noted the resemblance but acknowledged that initial telemetry and firewall logs didn’t point to malicious activity within central systems.

Experts like Barracuda’s Miguel López remain skeptical about hacking being the root cause, suggesting that the quick recovery would be unlikely if the systems had been breached.

The incident comes amid a broader wave of cyber threats targeting critical infrastructure across Europe and the US. Authorities have linked some of these attacks to politically motivated groups, such as pro-Russian hacktivists. Notable past events include the Colonial Pipeline ransomware attack and a cyber breach at a Florida water treatment plant.

New research shows that 95% of critical infrastructure organizations experienced a data breach in the past year, underscoring the urgent need for heightened cybersecurity across the sector.

Stay ahead of emerging cybersecurity threats. For the latest insights and updates on cloud security, follow SOC News.

News Source: ITpro.com