A Little Late to the Party: US Sees 'Cyberattack' in Ukraine

February 26, 2016

By Rory J. Thompson - Web Editor

Finally affirming what many power experts had long suspected, the U.S. Department of Homeland Security said this week that a December power outage in Ukraine affecting 225,000 customers was the result of a cyber attack. This marks the first time the U.S. government officially recognized the blackout as caused by a malicious hack, to the consternation of those who had drawn that same conclusion some time back.

"If they had come out two months ago and said this, it would have been useful,” said Robert Lee, chief executive of Dragos Security, a cyber security firm, told Reuters (News - Alert). “But at this point they’re saying things we already know.”

The story goes back to the downing of utilities in western Ukraine on December 23, which numerous experts marked as the first known successful cyber intrusion to knock a power grid offline.

The published alert from DHS's Industrial Control Systems Cyber Emergency Response Team (ICS CERT) does not confirm attribution of the attack. But U.S. cyber intelligence firm iSight Partners and other security researchers have linked the incident to a Russian hacking group known as “Sandworm,” Reuters reported.

DHS based its assessment on interviews with six Ukrainian organizations that were affected by the blackout, but added that investigators were not able to independently review technical evidence.

According to sources, the hackers remotely switched breakers in a way that cut power after installing malware. Further, the attackers are also believed to have spammed the Ukraine utility’s customer-service center with phone calls at the time. This was reportedly done to prevent real customers from communicating about their downed power. That’s according to a report released last month by Washington-base SANS Inc.

Regardless of how it was done, the outage just drives home the message that having an uninterruptible power supply is a must for anyone conducting business or otherwise working online. While an outage of this scope can cause untold damage, further losses can be avoided if computer users have a UPS, allowing them precious minutes to save documents and work offline. Consider that the next time you have multiple windows open, and the lights flicker.

Edited by Stefania Viscusi

Article comments powered by Disqus

Power Your campus

Featured Whitepapers

Security & Power: The Critical Role of Power Protection for Security

This White Paper provides security users and installers with valuable information about the importance of power protection for security equipment.

Saving Time & Money with Remote Power Management

This White Paper provides statistics and information about the cost of downtime related to remote equipment, and how organizations can benefit from including remote power management products (IP-addressable PDUs) in their power protection strategy.

Powering Your Disaster Planning

The white paper describes key components of a comprehensive plan to prevent businesses and other organizations from suffering severe consequences as a result of a power outage.

Featured Technotes

What is 3-phase Power?

This installment of the TechNotes series takes you through the basics of single, dual, and 3-phase power, giving you the knowledge to decide which type of power is best for your needs.

Endeavor: Added Runtime vs. Added Cost

This TechNotes paper looks at the relationship between added cost and added runtime when including XL battery packs with Minuteman Endeavor 1kVA, 2kVA, & 3kVA UPSs.

Featured Podcast

The Importance of Remote Power Management for Disaster Preparedness

TMC podcast with Minuteman UPS/Para Systems on the importance of remote power management solutions for optimum power protection.