Everything We Know About Ukraine’s Power Plant Hack
Author: Kim Zetter
WIRED | Security | 2016-01-20

When the US government demonstrated in 2007 how hackers could take down
a power plant by physically destroying a generator
with just 21 lines of code, many in the power industry dismissed the
demo as far-fetched. Some even accused the government of faking the
so-called Aurora Generator Test to scare the public.

That attack would certainly require a lot of skill and knowledge to pull
off, but hackers don’t need to destroy mega-size equipment to plunge a
community into darkness. The recent hack of electric utilities in
Ukraine shows how easy it can be to cut electricity, with the caveat
that taking down the grid isn’t always the same as keeping it down.

In the run-up to holidays last month, two power distribution companies
in Ukraine said that hackers had hijacked their systems to cut power to
more than 80,000 people. The intruders also sabotaged operator
workstations on their way out the digital door to make it harder to
restore electricity to customers. The lights came back on in three hours
in most cases, but because the hackers had sabotaged management systems,
workers had to travel to substations to manually close breakers the
hackers had remotely opened.

Days after the outage, Ukrainian officials appeared to blame Russia for
the attack, saying that Ukraine’s intelligence service had detected and
prevented an intrusion attempt “by Russian special services” against
Ukraine’s energy infrastructure. Last week, speaking at the S4 security conference,
former NSA and CIA spy chief Gen. Michael Hayden warned that the attacks
were a harbinger of things to come for the US, and that Russia and North
Korea were two of the most likely culprits if the US power grid were
ever hit.

If hackers were responsible for the outages in Ukraine, these would be the
first known blackouts ever caused by a
cyberattack. But just how accurate are the news reports? How vulnerable
are US systems to similar attacks? And just how solid is the attribution
that Russia did it?

To separate fact from speculation, we’ve collected everything we know
and don’t know about the outages. This includes new information from a
Ukrainian expert involved in the investigation, who says at least eight
utilities in Ukraine were targeted, not two.