A Little Late to the Party: US Sees 'Cyberattack' in Ukraine

February 26, 2016

By Rory J. Thompson - Web Editor

Finally affirming what many power experts had long suspected, the U.S. Department of Homeland Security said this week that a December power outage in Ukraine affecting 225,000 customers was the result of a cyber attack. This marks the first time the U.S. government officially recognized the blackout as caused by a malicious hack, to the consternation of those who had drawn that same conclusion some time back.

"If they had come out two months ago and said this, it would have been useful,” said Robert Lee, chief executive of Dragos Security, a cyber security firm, told Reuters (News - Alert). “But at this point they’re saying things we already know.”

The story goes back to the downing of utilities in western Ukraine on December 23, which numerous experts marked as the first known successful cyber intrusion to knock a power grid offline.

The published alert from DHS's Industrial Control Systems Cyber Emergency Response Team (ICS CERT) does not confirm attribution of the attack. But U.S. cyber intelligence firm iSight Partners and other security researchers have linked the incident to a Russian hacking group known as “Sandworm,” Reuters reported.

DHS based its assessment on interviews with six Ukrainian organizations that were affected by the blackout, but added that investigators were not able to independently review technical evidence.

According to sources, the hackers remotely switched breakers in a way that cut power after installing malware. Further, the attackers are also believed to have spammed the Ukraine utility’s customer-service center with phone calls at the time. This was reportedly done to prevent real customers from communicating about their downed power. That’s according to a report released last month by Washington-base SANS Inc.

Regardless of how it was done, the outage just drives home the message that having an uninterruptible power supply is a must for anyone conducting business or otherwise working online. While an outage of this scope can cause untold damage, further losses can be avoided if computer users have a UPS, allowing them precious minutes to save documents and work offline. Consider that the next time you have multiple windows open, and the lights flicker.

Edited by Stefania Viscusi