Skip to main content

American fears highlighted following hacker-driven Ukrainian power outage

researchers use ambient light sensor data to steal browser exhausted man computer problems desk hacking hackers malware frust
Shutterstock
Updated on 3-1-2016 by Lulu Chang: Following an alarming confirmation that Ukraine’s power outage last Christmas was indeed caused by hackers (making it the first known instance of a successful attack of that nature), the Obama administration is urging American power companies, water suppliers, and transportation networks to remain vigilant, the New York Times reports. The “extensive reconnaissance” of the Ukrainian power system managed to leave over 225,000 citizens without electricity, a situation that U.S. officials now worry could very well happen at home.

While the government has not yet officially placed the blame on Russia, it seems that suspicions are running higher than ever.

Recommended Videos

“There’s never been an intentional cyberattack that has taken the electric grid down before,” Robert M. Lee of the SANS Institute told the Times. He also noted that the attack was primarily symbolic in nature — indeed, it seems that the power outage was meant to send a message more than inflict any real damage or harm. “It was large enough to get everyone’s attention,” he said, “and small enough not to prompt a major response.”

Please enable Javascript to view this content

But if the same were to happen in the United States, the results may vary drastically. Ted Koppel (formerly of ABC News), pointed out major vulnerabilities in the American electric grid.

“We have 3,200 power companies, and we need a precise balance between the amount of electricity that is generated and the amount that is used,” he said. “And that can only be done over a system run on the Internet. The Ukrainians were lucky to have antiquated systems.”

So to prevent any such attacks from plunging us into darkness in the future, the Department of Homeland Security has made a number of recommendations. As the Times reports, “Make sure that outsiders accessing power systems or other networks that operate vital infrastructure can monitor the system, but not change it; close ‘back doors’ — system flaws that can give an intruder unauthorized access; have a contingency plan to shut down systems that have been infected, or invaded, by outsiders.

Original article and 2-27-2016 update by Lulu Chang: 

A new report published Thursday by the DHS Industrial Control Systems Cyber Emergency Response Team suggests that Ukraine’s power outage last Christmas was indeed the result of hacking. This confirms that the occurrence was the first known incident of a power outage caused directly by malicious hacker activity.

It’s still unclear how BlackEnergy malware contributed to the outage, and the new analysis from the DHS states, “… it is important to note that the role of BE (BlackEnergy) in this event remains unknown pending further technical analysis.”

What is known, however, is that “power outages were caused by remote cyber intrusions at three regional electric power distribution companies (Oblenergos) impacting approximately 225,000 customers,” and that the attack was “synchronized and coordinated, probably following extensive reconnaissance of the victim networks.” Each of the attacks took place within half an hour of one another, suggesting a relatively high level of sophistication.

One thing is for sure — the more we learn about this attack, the more concerning it seems.

To recap, Ukrainian power outage in late December was at the time suspected to be the result of a cyberattack, making the blackout the first ever caused by malware. American officials investigated Russian hackers for their alleged involvement in the scheme, in which at least three different power stations were compromised. Tens of thousands of people were left without power for several hours after the computers used to control the national grid were infected with the BlackEnergy Trojan malware, and many security experts expressed concern over the implications of the attack.

While 2015 exposed major problems in the digital infrastructure of companies across a variety of industries, few of these data breaches resulted in physical consequences (though of course, having your credit card information compromised is serious enough in and of itself). But this hack raised red flags around the issue of digitized warfare, with repercussions that may be more far-reaching than ever before.

“[The attack is] a milestone because we’ve definitely seen targeted destructive events against energy before — oil firms, for instance — but never the event which causes the blackout,” John Hultquist, head of security firm iSIGHT’s cyber espionage intelligence told Ars Technica, at the time the hack occurred “It’s the major scenario we’ve all been concerned about for so long.”

Ukrainian officials believe that a Russian group known as SandWorm is behind the malware attack, as the particular virus used is one that the hackers have been known to employ in the past.

One anonymous American official told the Washington Post that certain questions were being raised about the hack, such as, “What was the process that led up to it? Did we see any key indicators ahead of time?”

Although experts like Michael Assante at the SANS Institute, a cyber-training organization, say the attack was of “low to moderate sophistication,” the incident could still be a worrisome sign of things to come. President Obama has noted previously that the American electrical grid could be vulnerable to attack, and stated that, “In other countries cyber attacks have plunged entire cities into darkness.”

Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
PayPal vs. Venmo vs. Cash App vs. Apple Cash: which app should you use?
PayPal, Venmo, Cash App, and Apple Wallet apps on an iPhone.

We’re getting closer every day to an entirely cashless society. While some folks may still carry around a few bucks for emergencies, electronic payments are accepted nearly everywhere, and as mobile wallets expand, even traditional credit and debit cards are starting to fall by the wayside.

That means many of us are past the days of tossing a few bills onto the table to pay our share of a restaurant tab or slipping our pal a couple of bucks to help them out. Now, even those things are more easily doable from our smartphones than our physical wallets.

Read more
How to change margins in Google Docs
Laptop Working from Home

When you create a document in Google Docs, you may need to adjust the space between the edge of the page and the content --- the margins. For instance, many professors have requirements for the margin sizes you must use for college papers.

You can easily change the left, right, top, and bottom margins in Google Docs and have a few different ways to do it.

Read more
What is Microsoft Teams? How to use the collaboration app
A close-up of someone using Microsoft Teams on a laptop for a videoconference.

Online team collaboration is the new norm as companies spread their workforce across the globe. Gone are the days of primarily relying on group emails, as teams can now work together in real time using an instant chat-style interface, no matter where they are.

Using Microsoft Teams affords video conferencing, real-time discussions, document sharing and editing, and more for companies and corporations. It's one of many collaboration tools designed to bring company workers together in an online space. It’s not designed for communicating with family and friends, but for colleagues and clients.

Read more