

Ukraine's Power Outage Was a Cyber Attack, Says Power Supplier (reuters.com)
A power blackout in Ukraine's capital Kiev last month was caused by a cyber attack and investigators are trying to trace other potentially infected computers and establish the source of the breach, utility Ukrenergo told Reuters on Wednesday. From the report: When the lights went out in northern Kiev on Dec. 17-18, power supplier Ukrenergo suspected a cyber attack and hired investigators to help it determine the cause following a series of breaches across Ukraine. Preliminary findings indicate that workstations and Supervisory Control and Data Acquisition (SCADA) systems, linked to the 330 kilowatt sub-station "North", were influenced by external sources outside normal parameters, Ukrenergo said in comments emailed to Reuters. "The analysis of the impact of symptoms on the initial data of these systems indicates a premeditated and multi-level invasion," Ukrenergo said.
gee i wonder who (Score:5, Funny)
Can't imagine which nation could possibly have a motive against Ukraine, especially one with a track record of cyber attacks and offensive maneuvers against Ukraine...
Re: (Score:2)
Obligatory quote from one of the greatest movies of all time!
https://www.youtube.com/watch?... [youtube.com]
Re: (Score:2)
Can't imagine which nation could possibly have a motive against Ukraine, especially one with a track record of cyber attacks and offensive maneuvers against Ukraine...
So what exactly does Julian Assange have against Kyiv?
Re: (Score:1)
What are you insinuating, that Hillary Clinton's secret child-pizza ring is ALSO a 1337 hacker corps destabilizing Eastern Europe? I KNEW IT! To the Breitmobile!
Retards (Score:5, Insightful)
Re:Retards (Score:4, Informative)
When your power grid management interfaces are directly connected to the Internet you must suffer. There's no excuse for that.
Not saying it necessarily was in this case, but if such a connection is justified, then there's no excuse for not mitigating that risk properly with an applicable security model.
The answer is risk mitigation and management. If we unplugged everything that got hacked, nothing would be online.
Re: (Score:2)
If we unplugged everything that got hacked, nothing would be online.
You say that like it's a bad thing.
Believe me in many ways it would be nice to revert back to a sane security model of keeping shit offline.
Unfortunately you first have to convince the marketeers and investors who have turned "online" into a pot o' gold valued in the trillions.
There are legitimate use-cases... (Score:3)
I've never been to a power-generating station, so my speculations are very general...
Given: you wish to use computers to better manage the power-generation and distribution. Computers run software — either your own, or, more likely, commercial.
Software requires perpetual maintenance — fixing bugs and improving. Most of today's software vendors — both external and internal to enterprises — publish updates online. Voila, your computers need access to the Internet to get it. It may no
Re: There are legitimate use-cases... (Score:3)
Any even medium-sized site will update via a designated update server so you aren't downloading the same update 500 times.
And since your mission-critical machines aren't connected, they don't need Adobe updates etc.
Re: (Score:2)
The uranium-weaponization machinery in Iran was only more "mission critical" than a city's civilian power grid. And yet, Israelis/Americans managed to infect it anyway [wired.com].
From where would that local source obtain the files? The answer is: from the outside.
Whether you are connected to that outside via wires or sneakernet [techtarget.com] is not even relevant — all such connections are corruptible... A human being may be harder to corrupt, but not impossible. A dedicat
Re: (Score:2)
An online connected system is much more at risk than one needing an inside manual hand. It's why air-gap networks exist.
Mission critical should be air-gapped so that the risks can be reduced.
Updates are only applied after scanning and deployment in test systems, period.
Are you going to stop everything? Of course not, but you'll stop a damned lot more than with internet-connected mission-critical computers.
Re: (Score:3)
Is it? Why? I can imagine a number of scenarios when it may be easier to corrupt a human being than to break the security software and/or encryption keys...
Iran's nuclear centrifuges were air-gapped. It did not save them... Worse, it may have made the break-in easier, while making its detection and cleanup harder.
Re:Retards (Score:4, Insightful)
When your power grid management interfaces are directly connected to the Internet you must suffer. There's no excuse for that.
Not saying it necessarily was in this case, but if such a connection is justified, then there's no excuse for not mitigating that risk properly with an applicable security model.
The answer is risk mitigation and management. If we unplugged everything that got hacked, nothing would be online.
And WHY do you need the power grid online in the first place?
About the only reason I can imagine you'd use the internet in a system designed for controlling the power grid is as a backup communications path for all those remote sites when your primary data path fails. However, you are an idiot if you don't use encrypted VPNs and some pretty restrictive firewalls in those cases.
Re:Retards (Score:4, Interesting)
I'll remind you of this when the power goes down in your country.
You'd probably be surprised just HOW vulnerable most of the world's critical infrastructure really is.
Re: (Score:3)
You'd probably be surprised just HOW vulnerable most of the world's critical infrastructure really is.
Concerning power grids, no I wouldn't and people in the US and Canada would actually be surprised how well protected the bulk electrical system is here when compared to what is reported. Even small operators like to follow the security requirements that the large ones have to even if they don't as it does allow them to say that they are following the industry best practices which is a good CYA from lawsuits. Other countries are a different story and vary greatly but even those who hadn't cared much before
Re: (Score:3)
Hah. Your puny wires, locks, boxes and security consultants are total fail.
Forget cockroaches, Donald Trump and Madonna.
It's small, furry rodents. All the way down. And Bob, you really should know about this.
Re: (Score:3)
Goddamnit. Slashdot, just when are you going to enter the wonderful world of editing.....
small, furry rodent [cybersquirrel1.com] redux.
Re: (Score:1)
As the StuxNet example shows, it isn't simply a matter of direct connections to the Internet.
And if you want to run a powergrid, connecting your systems is going to happen. It's imprudent to act otherwise.
Re: (Score:3)
All physical and RF ports, actually, not just USB, plus all unnecessary services not needed on the OOB management network you may or may not be lucky enough to have instead of VPNing over the internet. And you have to keep them locked down as you upgrade tens to hundreds of different operating systems across multiple vendors across multiple device hardware models. Which means thoroughly testing that the vendor didn't accidentally break the option setting that turns them off... if you were lucky enough to
Re: (Score:3)
And it helps if you aren't trying to purify bomb-grade uranium.
Re: (Score:2)
When your power grid management interfaces are directly connected to the Internet you must suffer. There's no excuse for that.
There are plenty of good reasons. You're being extreme.
The grid management has to be connected to *some* network. That's so you can monitor the health of the grid from a central location, and coordinate a distributed response to events. (Heck, it's also useful if you can connect to control it even when weather conditions make it too hazardous to travel on-site).
[1] You could do that with suitable VPNing over the public internet. That way you benefit from its extensive reach, its cheap price, its resilience, th
Re: (Score:3)
Heck, it's also useful if you can connect to control it even when weather conditions make it too hazardous to travel on-site
Operators have worked shifts that last longer than a day. If a storm is coming in very often the power company will put a second set of operators up in a hotel within walking distance (often just a couple hundred meters) so that they can rotate people in and out as needed. This would also hold for having a second set of operators at the backup site as well, so there would be 4 sets of operators ready to go in these cases.
[1] You could do that with suitable VPNing over the public internet. That way you benefit from its extensive reach, its cheap price, its resilience, the rapid repair time that ISPs offer. All you need to build is a network connection from each of your grid nodes to the nearest internet.
Not done in the US and not allowed by regulation.
[2] Or you could do it with dedicated leased lines that aren't part of the internet. You'll pay a heck of a lot more, and loads of grid nodes won't have convenient connection.
This is done but usually only between
Practice (Score:5, Insightful)
Kill two birds with one stone - Russia aggravates the Ukraine, and also practices for what they could do to Europe and the US.
Re: (Score:3)
I'm sure if this were the Russian government then ALL the power stations would have gone down. The fact that only one went down suggests to me that it is some Russian nationalists with hacking skills and a nationalistic fire in their belly.
Expect if we go to war against Russia/China all the lights will go off and communications will be disrupted in our country and theirs- at least initially.
Re: (Score:2)
The advantage of having enemies with soft IT targets is you get to practice your cyber attacks and hone your skills with little downside risk that you are exposing your capabilities.
The U.S. has (at least up to now, we'll see) had some level of ethics preventing them from instigating territorial aggressions or just callously using small countries as target practice, and unlike traditional military where you can make a show of strength just by holding a parade, in cyber you'd be a fool to show off for fear o
330 KILOwatt? (Score:3)
... 330 kilowatt sub-station ...
That's either a typo or the Ukraine has a VERY wimpy power grid, to have a "substation" that small.
330 kW is 440 HP, in the moderate-low range for a big rig's semitractor engine. In the US a typical household averages over a kilowatt 24/7, with peak hours higher. So a "substation" that small would serve a neighborhood of maybe a hundred houses or a bit more.
In my Silicon Valley townhouse's neighborhood, built back in the '50s or so, we have over a hundred houses served by a single-phase "bank" - a parallel connection of three "pole pigs" spread out around the neighborhood, with their primaries and secondaries tied. It doesn't even rate an independent switch. (When a goose shorted and dropped a primary line they just disconnected the primaries to the segment containing the bank until it was fixed.) Several banks on each phase are tied together before you have enough load to rate actually installing a switch on the feed, several of those before it rates a remote-controlled switch, and several small towns (or a substantial factory) before it rates a "substation" - a fenced-off chunk of land with big box equipment.
Attack of "The Cyber" (Score:1)
They're going to need to call in a real expert for this one: http://www.gocomics.com/tomthe... [gocomics.com]
Not a very big power station... (Score:1)
Cyber attacks are dangerous, and security is important, but this is a very small power station...
At my utility in Canada, we budget approximately 5-6kW of load per household/apartment... In Ukraine, due to socioeconomic conditions, I might reduce the estimated power consumption to 3-4kW per household to account for less electronics, etc...
Therefore, the number of customer households out of power is approximately 330 / 3 = 110...
If the power consumption actually is closer to our North American number of 5-6k
soon there will be kids going... (Score:1, Funny)
The Russians ate my homework!!!