3 min read

Hackers suspected of causing power outage in Ukraine

Graham CLULEY

December 20, 2016

Hackers suspected of causing power outage in Ukraine

This weekend houses and businesses in parts in the northern part of Kiev were plunged into darkness after the electricity supply was unexpectedly cut off.

Authorities are investigating whether the unexpected power outage in Ukraine’s capital could be the latest in a series of hacking attacks which have struck the country’s electric grid and financial infrastructure in the last year.

Although the reason for the outage is not yet confirmed, investigators have said that the leading theory is that the energy grid was struck by a hacking attack, perhaps similar to the one which managed to shut down the power grid in December 2015.

The impacted energy company, Kyivenergo, confirmed that the power outage was unplanned and that it had taken action to restore electricity to its customers. Indeed, it sounds like Kyivenergo did a good job – recovering from the power blackout and restoring energy to households and companies in little more than an hour after the incident.

In a Facebook post, Vsevolod Kovalchuk of Kyivenergo pointed the finger of blame for the outage on “external interference through data network”:

ukraine-statement-1

“Don’t blame Kyivenergo. This time they have no guilt.”

Kovalchuk told Reuters that the outage was considerable, amounting to 200 megawatts of capacity, equivalent to about a fifth of the capital’s night-time energy consumption.

“That is a lot. This kind of blackout is very, very rare.”

Infamously, just before Christmas 2015, power companies in Ukraine were targeted by a malware attack that is widely thought to have contributed to the energy blackouts.

The malware attack, known as BlackEnergy, was spread via boobytrapped Word documents and tricked recipients via social engineering into enabling macros to activate the malicious payload.

With attackers actively using techniques like this against their targets it’s no surprise that many organisations are now choosing to permanently disable macros in Microsoft Word.

The hack attacks against Ukraine’s infrastructure didn’t stop there, with another attack following hot on the heels in January 2016, this time using a poisoned XLS spreadsheet to install a backdoor on the country’s power industry networks.

As well as attacks on its energy structure, Ukraine’s government websites have suffered a series of internet attacks designed to disrupt their operation and prevent users from accessing their services.

As recently as last week, Ukrainian officials were blaming the website DDoS attacks on pro-Russian separatists, attempting to prevent the government from keeping the public informed and causing delays in payments.

It’s too early to say for certain whether the Kiev power outage was the work of hackers, or indeed where those hackers might have been based or who might have been sponsoring them. It’s easy to name likely culprits but much much more difficult to reliably attribute with absolute authority who might have been responsible.

Nonetheless, if Ukraine’s power grid was again assaulted by hackers it wouldn’t take a huge leap in logic to determine which country might have a vested interest in causing the disruption.

With luck, more details of precisely what occurred this weekend to Ukraine’s power grid will be made public in the fullness of time.

In the meantime, anyone responsible for the security of industrial control systems and national infrastructure should think long and hard about whether they have done enough to protect their networks, and what can be done to further reduce the opportunities for external hackers to attack.

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Microsoft Drops Password Authentication for Most Products Microsoft Drops Password Authentication for Most Products
Silviu STAHIE

September 16, 2021

1 min read
Apple Rolls Out Urgent Patch for Zero-Day Flaws in iOS, macOS and watchOS Apple Rolls Out Urgent Patch for Zero-Day Flaws in iOS, macOS and watchOS
Filip TRUȚĂ

September 14, 2021

2 min read
WhatsApp Users Get Option to Encrypt Backups WhatsApp Users Get Option to Encrypt Backups
Silviu STAHIE

September 13, 2021

1 min read