Researchers confirm that Ukraine outage was cyber attack

Security teams have also linked the incident to a string of other hacks

Security researchers have confirmed the powercut suffered by the Ukrainian capital of Kiev was indeed the result of a cyber attack.

Information Systems Security Partners (ISSP), investigating on behalf of national energy company Ukrenego, reported that not only was the incident the work of malicious hackers, it was also linked to a campaign of similar attacks throughout the country.

Advertisement - Article continues below

The power outage, which occurred last December, took out around one fifth of the city's power for just over an hour. The attack closely mirrors the BlackEnergy hack, an attack on another Ukrainian power station that left around 700,000 homes without power in December 2015.

"The attacks in 2016 and 2015 were not much different," ISSP's Oleksii Yasnskiy told BBC News: "The only distinction was that the attacks of 2016 became more complex and were much better organised."

Alongside the two power outages, the security firm stated that further attacks on targets such as a national pension fund, government ministries and the national railway that happened throughout December were also linked. According to Ukrainian president Petro Poroshenko, the country's state apparatus was targeted roughly 6,500 times in the last two months of 2016.

He blamed the incidents on Russia, claiming that the country was waging a 'cyber war' with Ukraine. Many within the security community also suspected Russian involvement in the BlackEnergy hacks.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"While this second attack on the Ukrainian power grid is concerning, the string of attacks across high value targets in the Ukraine is more disturbing," said Tripwire's senior director of product management, Tim Erlin. "From finance to rail, the series of attacks has targeted Ukraine's critical infrastructure. When attackers can cause an outage, we're not talking about data protection; we're talking about human safety."

22/12/2016: Ukranian power outage result of energy system hack

Ukranian energy firm Ukrenergo has said a power outage in the northern side of Kiev may have been the work of hackers.

The company's director, Vsevolod Kovalchuk, said the outage was caused by external actors, who managed to take control of the system through its data network, resulting in a "failure in automation control". This meant engineers had to switch it to manual mode so they could take back control. Some power was restored within 30 minutes, while all customers reported their energy was back up and running after an hour and 15 minutes.

Advertisement - Article continues below

Other potential reasons for the supply going down include faulty equipment, but an investigation by authorities should find the root of the problem in the coming days.

If they do dsicover a hack was at fault, it has exposed how criminals are able to take control of entire power systems and they could also use it to disrupt water or gas supplies.

Lewis Henderson, consultant at Glasswall Solutions, warned a similar attack was possible in this country.

"UK power, gas and water utilities now have thousands of internet-connected devices any of which hackers will regard as a potential gateway into main command and control systems," he said. "We need to wake up to the seriousness of these threats. The attack on the Ukraine could be seen as a test of the hackers' ability to penetrate more sophisticated systems, so action is needed now.

"Every utility in Europe needs to act fast and adopt far more effective security, conventional anti-virus defences just don't work anymore against these new threats."

Ukraine is no stranger to attacks on its power system. In January, it was revealed by Symantec that a Trojan called Trojan.Disakil was used to take down three substations owned by a number of the Ukraine's biggest energy suppliers.

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now
Advertisement
Advertisement

Recommended

Visit/security/cyber-security/355267/zoom-hires-ex-facebook-cso-to-boost-platform-security
cyber security

Zoom hires ex-Facebook CSO Alex Stamos to boost platform security

8 Apr 2020
Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/server-storage/servers/355254/a-critical-flaw-in-350000-microsoft-exchange-remains-unpatched
servers

A critical flaw in 350,000 Microsoft Exchange remains unpatched

7 Apr 2020
Visit/software/video-conferencing/355257/taiwan-first-country-to-ban-zoom-amid-security-concerns
video conferencing

Taiwan becomes first country to ban Zoom amid security concerns

8 Apr 2020