Making Putin's Cyber Attack Impossible (clarifying previous 2 vids) 2026-01-24 17-23-33

8 days ago

Realistically, the complexity and local differences in grids make a true, simultaneous “global” blackout extremely hard, but the same software, hardware targets, and methods above could credibly produce very large multi‑country blackouts if executed by capable state‑sponsored actors.

In summary, computers regulating power supply can effectively operate in "droop speed control" mode while disconnected from the internet by relying on local control systems. This approach enhances security and maintains essential power supply functions, though it may limit coordination and monitoring capabilities.

Pre-positioned malware on compromised hosts enabled remote HMI control and gateway firmware wipes locally within the enterprise network; no real-time C2 over the internet was required during the actual blackout phase. Poor segmentation allowed full traversal over months undetected.

Had the IT networks not been connected to the internet, they could not have been infected via spear-phishing e-mails, correct?

Yes, that's correct.

Phishing Dependency

Spear-phishing emails delivering BlackEnergy malware required users on internet-connected IT networks to receive and open malicious attachments (e.g., Excel or Word macros). Without internet access, those emails couldn't reach inboxes, preventing initial infection.

Infection Alternatives

No evidence shows BlackEnergy entering via offline methods like USB in this attack; phishing was the confirmed vector. Fully air-gapped IT would block this entry, though other risks (e.g., insider threats) could persist.
