Ukraine's energy ministry has said it will hold off on discussing the matter until after Jan. 18, following completion of a formal probe into the matter.

The utility's operators were able to quickly recover by switching to manual operations, essentially disconnecting infected workstations and servers from the grid, according to the report.

SANS ICS said on its blog it had "high confidence" in its findings, which were based on discussions and analysis from "multiple international community members and companies."

The report's authors declined to identify those sources.

U.S. critical infrastructure security expert Joe Weiss said he believed the report's findings would be validated. "They did a phenomenal job," he said.

There is strong interest in the outage because of concerns that similar techniques could be used to launch more attacks on power operators around the globe.

"What is now true is that a coordinated cyber attack consisting of multiple elements is one of the expected hazards (electric utilities) may face," SANS ICS Director Michael Assante said in a blog.

"We need to learn and prepare ourselves to detect, respond, and restore from such events in the future," said Assante, former chief security officer of the quasi-governmental North American Electric Reliability Corp. (rt/ez)