Researchers confirm that Ukraine outage was cyber attack

Security teams have also linked the incident to a string of other hacks

Security researchers have confirmed the powercut suffered by the Ukrainian capital of Kiev was indeed the result of a cyber attack.

Information Systems Security Partners (ISSP), investigating on behalf of national energy company Ukrenego, reported that not only was the incident the work of malicious hackers, it was also linked to a campaign of similar attacks throughout the country.

The power outage, which occurred last December, took out around one fifth of the city's power for just over an hour. The attack closely mirrors the BlackEnergy hack, an attack on another Ukrainian power station that left around 700,000 homes without power in December 2015.

"The attacks in 2016 and 2015 were not much different," ISSP's Oleksii Yasnskiy told BBC News: "The only distinction was that the attacks of 2016 became more complex and were much better organised."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Alongside the two power outages, the security firm stated that further attacks on targets such as a national pension fund, government ministries and the national railway that happened throughout December were also linked. According to Ukrainian president Petro Poroshenko, the country's state apparatus was targeted roughly 6,500 times in the last two months of 2016.

He blamed the incidents on Russia, claiming that the country was waging a 'cyber war' with Ukraine. Many within the security community also suspected Russian involvement in the BlackEnergy hacks.

"While this second attack on the Ukrainian power grid is concerning, the string of attacks across high value targets in the Ukraine is more disturbing," said Tripwire's senior director of product management, Tim Erlin. "From finance to rail, the series of attacks has targeted Ukraine's critical infrastructure. When attackers can cause an outage, we're not talking about data protection; we're talking about human safety."

22/12/2016: Ukranian power outage result of energy system hack

Ukranian energy firm Ukrenergo has said a power outage in the northern side of Kiev may have been the work of hackers.

The company's director, Vsevolod Kovalchuk, said the outage was caused by external actors, who managed to take control of the system through its data network, resulting in a "failure in automation control". This meant engineers had to switch it to manual mode so they could take back control. Some power was restored within 30 minutes, while all customers reported their energy was back up and running after an hour and 15 minutes.

Advertisement - Article continues below

Other potential reasons for the supply going down include faulty equipment, but an investigation by authorities should find the root of the problem in the coming days.

If they do dsicover a hack was at fault, it has exposed how criminals are able to take control of entire power systems and they could also use it to disrupt water or gas supplies.

Lewis Henderson, consultant at Glasswall Solutions, warned a similar attack was possible in this country.

"UK power, gas and water utilities now have thousands of internet-connected devices any of which hackers will regard as a potential gateway into main command and control systems," he said. "We need to wake up to the seriousness of these threats. The attack on the Ukraine could be seen as a test of the hackers' ability to penetrate more sophisticated systems, so action is needed now.

Advertisement
Advertisement - Article continues below

"Every utility in Europe needs to act fast and adopt far more effective security, conventional anti-virus defences just don't work anymore against these new threats."

Ukraine is no stranger to attacks on its power system. In January, it was revealed by Symantec that a Trojan called Trojan.Disakil was used to take down three substations owned by a number of the Ukraine's biggest energy suppliers.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Visit/policy-legislation/general-data-protection-regulation-gdpr/354577/data-protection-fines-hit-ps100m
General Data Protection Regulation (GDPR)

Data protection fines hit £100m during first 18 months of GDPR

20 Jan 2020