Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Crime Security

Ukraine's Power Outage Was a Cyber Attack, Says Power Supplier (reuters.com) 59

A power blackout in Ukraine's capital Kiev last month was caused by a cyber attack and investigators are trying to trace other potentially infected computers and establish the source of the breach, utility Ukrenergo told Reuters on Wednesday. From the report: When the lights went out in northern Kiev on Dec. 17-18, power supplier Ukrenergo suspected a cyber attack and hired investigators to help it determine the cause following a series of breaches across Ukraine. Preliminary findings indicate that workstations and Supervisory Control and Data Acquisition (SCADA) systems, linked to the 330 kilowatt sub-station "North", were influenced by external sources outside normal parameters, Ukrenergo said in comments emailed to Reuters. "The analysis of the impact of symptoms on the initial data of these systems indicates a premeditated and multi-level invasion," Ukrenergo said.
This discussion has been archived. No new comments can be posted.

Ukraine's Power Outage Was a Cyber Attack, Says Power Supplier

Comments Filter:
  • by Anonymous Coward on Wednesday January 18, 2017 @12:04PM (#53689397)

    Can't imagine which nation could possibly have a motive against Ukraine, especially one with a track record of cyber attacks and offensive maneuvers against Ukraine...

  • Retards (Score:5, Insightful)

    by Artem Tashkinov ( 764309 ) on Wednesday January 18, 2017 @12:05PM (#53689405)
    When your power grid management interfaces are directly connected to the Internet you must suffer. There's no excuse for that.
    • Re:Retards (Score:4, Informative)

      by geekmux ( 1040042 ) on Wednesday January 18, 2017 @12:17PM (#53689491)

      When your power grid management interfaces are directly connected to the Internet you must suffer. There's no excuse for that.

      Not saying it necessarily was in this case, but if such a connection is justified, then there's no excuse for not mitigating that risk properly with an applicable security model.

      The answer is risk mitigation and management. If we unplugged everything that got hacked, nothing would be online.

      • Re:Retards (Score:4, Insightful)

        by bobbied ( 2522392 ) on Wednesday January 18, 2017 @12:33PM (#53689577)

        When your power grid management interfaces are directly connected to the Internet you must suffer. There's no excuse for that.

        Not saying it necessarily was in this case, but if such a connection is justified, then there's no excuse for not mitigating that risk properly with an applicable security model.

        The answer is risk mitigation and management. If we unplugged everything that got hacked, nothing would be online.

        And WHY do you need the power grid online in the first place?

        About the only reason can imagine you'd use the internet in a system designed for controlling the power grid is as a backup communications path for all those remote sites when your primary data path fails. However, you are an idiot if you don't use encrypted VPN's and some pretty restrictive firewalls in those cases.

    • Re:Retards (Score:4, Interesting)

      by Opportunist ( 166417 ) on Wednesday January 18, 2017 @12:21PM (#53689519)

      I'll remind you of this when the power goes down in your country.

      You'd probably be surprised just HOW vulnerable most of the world's critical infrastructure really is.

      • You'd probably be surprised just HOW vulnerable most of the world's critical infrastructure really is.

        Concerning power grids, no I wouldn't and people in the US and Canada would actually be surprised how well protected the bulk electrical system is here when compared to what is reported. Even small operators like to follow the security requirements that the large ones have to even if they don't as it does allow them to say that they are following the industry best practices which is a good CYA from lawsuits. Other countries are a different story and vary greatly but even those who hadn't cared much before

        • Hah. Your puny wires, locks, boxes and security consultants are total fail.

          Forget cockroaches, Donald Trump and Madonna.

          It's small, furry rodents. All the way down. And Bob, you really should know about this.

          • Goddamnit. Slashdot, just when are you going to enter the wonderful world of editing.....

            small, furry rodent [cybersquirrel1.com] redux.

            • Many thanks for the link. I thought that when the head of the NSA said "squirrels", it was a metaphor or sekret code word. Not so. Now I'm worried about jellyfish. We get a lot of outages in rural Colorado. I'm going on the hunt for giant electricity-sucking alien jellyfishes hovering above high tension towers.
    • by Anonymous Coward

      As the StuxNet example shows, it isn't simply a matter of direct connections to the Internet.

      And if you want to run a powergrid, connecting your systems is going to happen. It's imprudent to act otherwise.

    • by ljw1004 ( 764174 )

      When your power grid management interfaces are directly connected to the Internet you must suffer. There's no excuse for that.

      There are plenty good reasons. You're being extreme.

      The grid management has to be connected to *some* network. That's so you can monitor the health of the grid from a central location, and coordinate a distributed response to events. (Heck, it's also useful if you can connect to control it even when weather conditions make it too hazardous to travel on-site).

      [1] You could do that with suitable VPNing over the public internet. That way you benefit from its extensive reach, its cheap price, its resilience, th

      • Heck, it's also useful if you can connect to control it even when weather conditions make it too hazardous to travel on-site

        Operators have worked shifts that last longer than a day. If a storm is coming in very often the power company will put a second set of operators up in a hotel within walking distance (often just a couple hundred meters) so that they can rotate people in and out as needed. This would also hold for having a second set of operators at the backup site as well, so there would be 4 sets of operators ready to go in these cases.

        [1] You could do that with suitable VPNing over the public internet. That way you benefit from its extensive reach, its cheap price, its resilience, the rapid repair time that ISPs offer. All you need to build is a network connection from each of your grid nodes to the nearest internet.

        Not done in the US and not allowed by regulation.

        [2] Or you could do it with dedicated leased lines that aren't part of the internet. You'll pay a heck of a lot more, and loads of grid nodes won't have convenient connection.

        This is done but usually only between

  • Practice (Score:5, Insightful)

    by surfdaddy ( 930829 ) on Wednesday January 18, 2017 @12:21PM (#53689525)

    Kill two birds with one stone - Russia aggravates the Ukraine, and also practices for what they could do to Europe and the US.

    • I'm sure if this were the Russian government then ALL the powerstations would have gone down. The fact that only one went down suggests to me that it is some Russian nationalists with hacking skills and a nationalistic fire in their belly.

      Expect if we go to war against Russia/China all the lights will go off and communications will be disrupted in our country and theirs- at least initially.

    • by skids ( 119237 )

      The advantage of having enemies with soft IT targets is you get to practice your cyber attacks and hone your skills with little downside risk that you are exposing your capabilities.

      The U.S. has (at least up to now, we'll see) had some level of ethics preventing them from instigating territorial aggressions or just callously using small countries as target practice, and unlike traditional military where you can make a show of strength just by holding a parade, in cyber you'd be a fool to show off for fear o

  • by Ungrounded Lightning ( 62228 ) on Wednesday January 18, 2017 @12:55PM (#53689689) Journal

    ... 330 kilowatt sub-station ...

    That's either a typo or the Ukraine has a VERY wimpy power grid, to have a "substation" that small.

    330 kW is 440 HP, in the moderate-low range for a big rig's semitractor engine. In the US a typical household averages over a kilowatt 24/7, with peak hours higher. So a "substation" that small would serve a neighborhood of maybe a hundred houses or a bit more.

    In my Silicon Valley townhouse's neighborhood, built back in the '50s or so, we have over a hundred houses served by a single-phase "bank" - a parallel connection of three "pole pigs" spread out around the neighborhood, with their primaries and secondaries tied. It doesn't even rate an independent switch. (When a goose shorted and dropped a primary line they just disconnected the primaries to the segment containing the bank until it was fixed.) Several banks on each phase are tied together before you have enough load to rate actually installing a switch on the feed, several of those before it rates a remote-controlled switch, and several small towns (or a substantial factory) before it rates a "substation" - a fenced-off chunk of land with big box equipment.

  • They're going to need to call in a real expert for this one: http://www.gocomics.com/tomthe... [gocomics.com]

  • by Anonymous Coward

    Cyber attacks are dangerous, and security is important, but this is a very small power station...

    At my utility in Canada, we budget approximately 5-6kW of load per household/apartment... In Ukraine, due to socioeconomic conditions, I might reduce the estimated power consumption to 3-4kW per household to account for less electronics, etc...

    Therefore, the number of customer households out of power is approximately 330 / 3 = 110...

    If the power consumption actually is closer to our North American number of 5-6k

  • by Anonymous Coward

    the russians ate my homework!!!

Is a person who blows up banks an econoclast?

Working...