Calibrated attack on Ukrainian power grid: Mafia-style warning signal?

Calibrated attack on Ukrainian power grid: Mafia-style warning signal?

[Ed. – This really is an amazing story.  Worth the time to read the whole thing.]

“It was brilliant,” says Robert M. Lee, who assisted in the investigation. Lee is a former cyber warfare operations officer for the US Air Force and is co-founder of Dragos Security, a critical infrastructure security company. “In terms of sophistication, most people always [focus on the] malware [that’s used in an attack],” he says. “To me what makes sophistication is logistics and planning and operations and … what’s going on during the length of it. And this was highly sophisticated.” …

The power wasn’t out long in Ukraine: just one to six hours for all the areas hit. But more than two months after the attack, the control centers are still not fully operational, according to a recent US report. Ukrainian and US computer security experts involved in the investigation say the attackers overwrote firmware on critical devices at 16 of the substations, leaving them unresponsive to any remote commands from operators. The power is on, but workers still have to control the breakers manually.

That’s actually a better outcome than what might occur in the US, experts say, since many power grid control systems here don’t have manual backup functionality, which means that if attackers were to sabotage automated systems here, it could be much harder for workers to restore power. …

 

Continue reading →


Commenting Policy

We have no tolerance for comments containing violence, racism, vulgarity, profanity, all caps, or discourteous behavior. Thank you for partnering with us to maintain a courteous and useful public environment where we can engage in reasonable discourse.

You may use HTML in your comments. Feel free to review the full list of allowed HTML here.