How Hackers Disabled Ukraine Power Grid: Lessons For U.S. And Europe | Hacked: Hacking Finance
user

How Hackers Disabled Ukraine Power Grid: Lessons For U.S. And Europe

Introduction

Lester Coleman

Lester Coleman

Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.


LATEST POSTS

Bitcoin Giant Bitmain Enters the High Stakes AI Race 27th August, 2017

Three Country Exchange Traded Funds Offer Potential For Investors 27th August, 2017

Breaches

How Hackers Disabled Ukraine Power Grid: Lessons For U.S. And Europe

Posted on .
This article was posted on Friday, 16:50, UTC.

When hundreds of Ukrainians in the Ivano-Frankivsk region lost power two weeks ago, government officials blamed Russians with disrupting the utilities’ software and jamming its telephone lines to prevent customers from alerting anyone, Hacked reported. These claims evoked fears of a worst-case scenario coming to life.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

However, cybersecurity researchers who investigated the power failure have since determined that the attack was not of the level that could undermine a major power grid in 15 minutes, according to Bloomberg.

Europe And U.S.: Tougher Targets

European and U.S. power grids are more automated and much tougher targets. To attack Manhattan’s power system, hackers would have to find flaws in systems that the utilities were not aware of.

Jason Larsen, a consultant at IOActive who specializes in industrial control systems, said the hacker destroyed at least 30 of the Ukraine’s 135 power substations for approximately six hours. Cybersecurity companies investigating the hack said it occurred in two stages. Hackers first used malware to guide the utilities’ industrial control computers to disconnect the substations. They then added a wiper virus, disabling the computers.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Was Russia The Culprit?

Some of the companies investigating the hack said the Russians were behind it. The malware used, BlackEnergy3, is only associated with a group that researcher ISight Partners refers to as Sandworm. That group attacked the Ukrainian government and NATO in 2014.

John Hultquist, director of cyber espionage analysis at ISight, said Sandworm’s targets are definitely in line with Russia’s geopolitical interests.

In the Ukrainian hack, the hackers simply found the grid controls and executed a command that shut off the power. Older systems can be more susceptible to attacks like this while modern industrial control software is more adept at recognizing and rejecting such commands, Larsen said.

While the Ukrainian power grid was more vulnerable to attack, it was also easier to repair than a successful attack against a U.S. or European power grid would be.

Also read: Study: U.S. power grid is vulnerable to state-sponsored hackers

Lessons For U.S. And Europe

In the Ukraine, utility workers were able to restore power by resetting circuit breakers manually at the substations. Hackers capable of disrupting New York’s power plant software would most likely need to bypass safety mechanisms to run a transformer or generator hotter than usual, which would damage the equipment. Michael Assante, the former chief security officer at the nonprofit North American Electric Reliability, said such an action would keep a substation disabled for days or weeks.

Hackers could have targeted Ukraine’s power grid for the same reason that NATO jets in 1999 bombed Serbian power plants, which was to alarm the citizens that their government was unable to keep the lights on. The hackers could have viewed the attack as retaliation for a sabotage that caused a blackout in Kremlin-controlled Crimea in November. The saboteurs used explosives to destroy pylons and then attacked repair workers, causing a blackout for 1.2 million people for days.

The bottom line is that Ukraine’s aging systems make its grid easier to hack but also easier to repair in a matter of hours. A successful attack in the U.S. could last for weeks.

Featured image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Lester Coleman

Lester Coleman

Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.

Comments
  • user

    AUTHOR Real Anti-Racist Action

    Posted on 10:00 pm January 15, 2016.

    The US and Israel were responsible. They want to market to the American people expensive, in the billions of dollars upgrades to the power grid.
    Also, they are trying Psy-ops against Russia, to demonize them, and make them “the uber bad guy”.
    Most people are not falling for this crap. Most know that Mi6 and CIA and Mossad are responsible for 90% of the incidents they claim to be trying to protect us all from.

  • View Comments (1) ...
    Navigation
    The team:
    Dmitriy Lavrov
    Analyst
    Dmitriy Lavrov is a professional trader, technical analyst and money manager with 10 years of trading experience. He covers Forex, Commodities and Cryptocurrencies. He is among the top 10 most Read More
    Jonas Borchgrevink
    Founder
    Jonas Borchgrevink is the founder of Hacked.com and CryptoCoinsNews.com. He is a serial entrepreneur, trader and investor. He shares his own personal journey on Hacked.com. // -- Discuss and ask Read More
    Mate Csar
    Analyst
    Trader and financial analyst, with 10 years of experience in the field. An expert in technical analysis and risk management, but also an avid practitioner of value investment and passive Read More
    Mati Greenspan
    Analyst
    Senior Market Analyst at Etoro.com. // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Important: Never invest Read More
    Rakesh Upadhyay
    Analyst
    Rakesh Upadhyay is a Technical Analyst and Portfolio Consultant for The Summit Group. He has more than a decade of experience as a private trader. His philosophy is to use Read More
    Pamela Meropiali
    Account Manager
    Pamela Meropiali is responsible for users on Hacked.com. // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Read More
    Joseph Young
    Journalist
    Joseph Young is a finance and tech journalist & analyst based in Hong Kong. He has worked with leading media and news agencies in the technology and finance industries, offering Read More
    Hacked is seeking journalists and writers with a slant toward…