Pentest for an electricity distribution company
Phishing simulations and Blackbox web application testing for a major Ukrainian electricity distributor.
JSC "Prykarpattiaoblenergo" distributes electricity through power networks in Ukraine: 26,255.2 km of overhead and cable lines and 6,723 transformer substations. Approximately 2.7 billion kilowatt-hours of electricity is transmitted through the power grids per year.
Prykarpattiaoblenergo, a major electricity distribution company in Ukraine, recognised the critical importance of enhancing its cybersecurity posture. The project was driven by the need to comply with regulatory requirements and the heightened urgency to fortify defences amidst the ongoing war — where the aggressor seeks to inflict damage on critical infrastructure through cyberspace in addition to missile strikes.
The project encompassed a comprehensive approach to bolstering Prykarpattiaoblenergo's cybersecurity resilience:
- Social engineering scenariosSeveral phishing attacks targeting employees were simulated, aiming to gain access to corporate IT services.
- Blackbox web application pentestScope covered the website, personal-account web application, and other related services within the network perimeter.
The project yielded valuable insights and actionable recommendations to fortify Prykarpattiaoblenergo's cybersecurity defences:
- AssessmentPotential attack vectors and vulnerabilities were identified, enabling the client to prioritise and implement necessary security enhancements.
- Risk mitigationComprehensive guidance was provided to address the identified risks.
- Strategic roadmapThe assessment highlighted opportunities to bolster security processes, controls, and the overall cybersecurity posture.
By proactively addressing the findings and implementing the recommended measures, Prykarpattiaoblenergo can effectively mitigate cyber threats, ensure business continuity, and maintain the reliability of its critical electricity distribution operations — even in the face of adversarial attempts to compromise its systems.
More case studies
View allGlobal Mediator
Network and application security testing for one of the largest Microsoft technology development centres in Eastern Europe.
Read case studyDistar
Infrastructure pentesting and social engineering for the largest diamond tools manufacturer in Eastern Europe.
Read case studyUkrTransGaz
Targeted SAP ERP and IT-infrastructure assessment for the operator of Ukraine's underground gas storage facilities.
Read case studyHave a similar
challenge in mind?
We'll scope a senior-led penetration test against your specific environment — and deliver Technical, Executive and Action-plan reports that translate findings into business decisions.
- Reply within one business day
- NDA on request — no obligation
- Speak directly with our Head of OffSec
- Tailored scope & clear pricing